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IDS  orders  The  Air  Force  is  stepping  up  its  intrusion- 

detection  efforts  under  Lt  Gen.  Jack  Woodward's  guidance.  PAGE  10. 


Management  muscle  Microsoft  announces  a  plan 

to  manage  net  services  rather  than  individual  components.  PAGE  16. 
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next  for  N+l  spotlight  to  shine 
carriers?  on  security,  switches 


■  BY  DENISE  PAPPALARDO 
AND  MICHAEL  MARTIN 

The  abrupt  departure  of 
WorldCom  President  and  CEO 
Bernie  Ebbers  last  week  set  off 
a  chain  reaction  of  speculation 
about  what  the  future  holds  for 
the  beleaguered  long-distance 
companies. 

WorldCom, 
the  No.  2  inter- 
exchange 
carrier  (IXC) 
in  the  U.S., 
faces  the  most 
uncertainty 
short  term  as 
Ebbers  leaves 
behind  a  bal¬ 
ance  sheet  thrown  off  kilter  by 
heavy  debt  and  falling  revenue. 
John  Sidgmore,  vice  chairman, 
takes  over  Ebbers’  post,  even  as 
many  industry  observers  ques¬ 
tion  whether  bankruptcy  is 
inevitable. 

But  WorldCom  isn’t  alone.  AT&T 
and  Qwest  face  the  same  trou¬ 
bles  in  varying  degrees,  beset  by 
falling  service  demand,  the  utter 
collapse  of  voice  revenue  and 
tepid  growth  prospects. 

See  WorldCom,  page  8 


Vendors  aim  to 
help  users  simplify 
network  security, 

■  BY  TIM  GREENE 
AND  ELLEN  MESSMER 

LAS  VEGAS  —  A  slew  of  ven¬ 
dors  this  week  will  take  the  stage 
at  NetWorld+Interop  2002  Las 
Vegas  to  highlight  new  products 
and  services  aimed  at  making 
networks  safer. 

Vendors  are  looking  to  simplify 
this  important  task  by  processing 
multiple  security  applications  on 
a  single  device,  as  is  the  case  with 
start-up  FortiNet.  Others,  such  as 
Rainbow  Technologies  and  Neo- 
teris,  will  take  advantage  of  ubiq¬ 
uitous  Secure  Sockets  Layer  tech¬ 
nology  to  make  Web  access 
more  secure  and  easier  to  set  up. 
And  still  others,  such  as  VeriSign, 
will  offer  services  that  let  busi¬ 
nesses  turn  over  the  burden  of 
maintaining  network  integrity  to 
someone  else. 

For  its  part,  FortiNet  is  introduc¬ 
ing  six  models  of  its  FortiGate 

See  Security,  page  110 


Visit  www.nwfusion.com 
for  online  show  coverage 
all  week.  DocFinder:  9247 


Hitachi  Data 
Systems  to  juice  up 
storage  line,  age  12 

SNMP  Research, 
newcomer  Network 
Physics,  to  air 
management  tools. 

Page  12 

New  offerings 
aimed  at  wireless 
LAN  management, 
security.  Page  14 

Verio  to  expand 
hosting,  IP  VPN 
offerings.  Page  14 

SonicWall  to  give 
telecommuters  a 
hand.  Page  22 


10G  Ethernet  to  get 
a  workout.  Page  25 

RiverSoft  seeks  to 
boost  MPLS  nets. 

■' 

Dorado  Software  to 
tackle  multivendor 
management. 


Variety  of  new  switches  to  support 
everything  from  10G  Ethernet  to  VoIP. 


■  BY  PHIL  HOCHMUTH 
AND  TIM  GREENE 

LAS  VEGAS —  3Com,  Foundry 
Networks  and  Hewlett-Packard 
will  use  NetWorld+Interop  2002 
Las  Vegas  this  week  to  introduce 
wares  that  address  resiliency, 
convergence,  management  and 
scalability. 

With  those  themes  as  a  back¬ 
drop,  3Com  will  outline  its  10G 
Ethernet  strategy  as  part  of  its 
Expandable  Resilient  Network 
(XRN)  technology  for  clustering 
fixed-configured  switches  into  a 
large-scale  LAN  backbone. 

Announced  in  March,  XRN  is 


3Com’s  new  approach  to  build¬ 
ing  enterprise  networks  by  clus¬ 
tering  smaller,  less-expensive 
stackable  switches  into  a  redun¬ 
dant  mesh.  3Com  says  it  will  add 
10G  Ethernet  to  this  equation  in 
the  first  half  of  2003  when  it 
releases  a  fixed-configuration 
box  with  multiple  Gigabit  Ether¬ 
net  ports  and  a  single  10G  Ether¬ 
net  port  for  aggregating  server 
and  switch  traffic  in  a  large  net¬ 
work  core.  3Com  says  it  also  will 
release  10G  modules,  most  likely 
for  its  4000  line  of  chassis-based 
switches. 

“3Com’s  challenge  will  be 

See  Switches,  page  112 


Exclusive  coverage  from 

N+l  InteropNet  Lab 


.  First-ever  public  interoperability  testing 
of  802.1x  wireless  security  standard  yields 
encouraging  results. 


pre-stage 
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•  The  seventh  time  is 
the  charm  for  world's 
largest  MPLS 
interoperability  test. 


Page  64 


>  IP  storage  gets  a  boost 
as  ILabs  engineers 
demonstrate  ISCSI 
to  Fibre  Channel 
connectivity. 
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identities. 

You  hear  that? 


Sun  ONE 
Directory  Server 


Sun  ONE 
Identity  Server 


Sun  ONE 

Open  Net  Environment 


Reports  from  the  road:  Textron. 

With  diverse  businesses  in  aerospace,  industrial, 
telecom  and  other  industries,  Textron  needed  to 
simplify  network  identity.  Sun  ONE  Directory  Server 
helps  them  gain  enterprise  efficiency,  to  deliver 
better  information  to  the  right  employees,  partners 
and  customers. 


Sun’s  associates  for  the  ride. 


i 


Sun  teams  with  some  of  the  best  systems  integrators 
in  the  business  providing  the  knowledge  and  experi¬ 
ence  you  need  to  develop  and  implement  identity 
and  security  policies  on  the  Sun  ONE  Directory  Server 
today:  Cap  Gemini  Ernst  &  Young,  Deloitte  &  Touche, 
EDS,  PricewaterhouseCoopers  and  Schlumberger. 


Buy  the  Sun  ONE  Directory  Server 
and  get  25%  off  the  purchase  price. 
www.sun.com/ident 
Offer  expires  July  29,  2002. 


Safeguard  your  own  customer  or  employee  directories  with  Suri“ONE  Directory 
Server  and  Sun  ONE  Identity  Server. 


The  first  stop  on  the  road  to  building  out 
your  Web  services  platform  is  determining 
your  identity  management  strategy.  After 
all,  customers  are  your  organization’s 
most  valuable  asset,  so  protecting  your 
directory  and  customer  profiles  must 
be  a  priority.  Now  you  can  get  ironclad 


protection  of  your  customer  data  with  the 
Sun  "  ONE  Directory  Server  and  Sun  ONE 
Identity  Server.  That’s  because  Sun  ONE 
is  built  to  the  highest  security  standards, 
so  that  your  data  stays  safe  from  hackers 
and  viruses.  It’s  how  60  of  the  Fortune  100 
help  protect  their  customers. 


get  NetWare  6. 

now  your  Network 

is  just  a  browser  away. 


Need  access  from  Australia?  Want  to  print  from  Prague?  Get  the  freedom  of  NetWare®  6.  As  part  of  Novell’s  one  Net 
vision,  NetWare  6  lets  your  users  have  access  to  their  file,  print  and  other  storage  resources  from  any  browser  in  the  world, 
anytime.  So  no  more  lugging  laptops  to  Latin  America.  All  they’ll  need  is  any  computer  with  an  Internet  connection. 
That’s  it.  And  that’s  the  beauty  of  one  Net.  So  take  this  as  a  sign  and  visit  www.novell.com/netware6  to  learn  more. 


Novell. 

the  power  to  chaNge 
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■  10  Air  Force  goes  on  net-security  offensive. 

■  10  NetVmg  boxes  up  route-control  software. 

■  12  Hitachi  raises  the  storage  bar. 

■  12  Performance  management,  SNMP  packages  on  tap  at  N+l. 

■  14  Vendors  io  address  wireless  LAN  foibles. 

■  14  Verio  enhances  VPN,  hosted  services. 

■  16  Microsoft  sketches  out  management  platform. 

■  18  Newsman’s  start-up  eyes  multimedia  nets. 

■  18SAML  gains  steam. 

■  22  SonicWall  VPN  box  protects  remote  users. 


Infrastructure 

■  25  10G  Ethernet  set  to  star  at 
NetWorld+ Interop. 

■  25  Cisco  fortifies  remote  branch 
routers. 

■  26  WatchGuard  springs  new  VPN 
products. 

■  26  Wireless  LAN  providers  team 
to  offer  roaming. 

■  28  Acirro  helps  manage  dis¬ 
tributed  net-attached  storage. 

■  28  Dave  Kearns:  Gates, 
Fiorina:  Get  out  of  court  and  back 
to  work. 

■  30  Special  Focus:  Bridges: 
Taking  wireless  to  the  wide  area. 

Enterprise 

Applications 

■  35  Oracle  embraces 
outsourcing. 

■  35  Quest's  tools  for  Active 
Directory. 

■  36  Documentum  eases  Web 
classification. 

■  38  Adorno  bolsters  speech- 
recognition  product. 

■  38  Ipswitch  adds  outbound  mail 
filtering  to  (Mail. 

■  38  Scott  Bradner: 

Automatic  and  thus  meaningless. 

Service  Providers 

■  41  Covad  makes  new  DSL 
guarantees. 

■  41  Cable  &  Wireless  ups  latency 
SLAs  in  North  America,  Europe. 

■  44  Telseon  CEO  remains  bullish 
on  Ethernet,  wavelength  services. 


■  46  Lisa  Pierce:  VoIP  needs 
more  spice  before  the  masses 

will  bite. 

The  Edge 

■  49  Allegro  co-founder  wants  to 
rework  routing. 

■  49  RiverSoft  looks  to  manage 
MPLS  networks. 

■  50  Dorado  helps  simplify  man¬ 
agement  of  multivendor  nets. 

Technology  Update 

■  53  IP  switches  deliver  broad¬ 
band  over  cable. 

■  53  Steve  Blass:  Ask  Dr 

Internet. 

■  54  Mark  Gibbs:  Cost  effec¬ 
tive  network  management. 

■  54  Keith  Shaw:  Cool  tools, 
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Management 

Strategies 

■  85  Strengthen  your  SLAs:  Use 
the  right  terms  to  make  sure  you 
get  what  you're  paying  for. 


Lab 


N+l  InteropNet  Labs 

Our  Global  Test  Alliance  members  spent  two  weeks  in 
a  drafty  warehouse  in  Belmont,  Calif,  to  bring  you 
exclusive,  pre-stage  results  from  the  N+l  InteropNet  Labs.  This  year, 
the  iLabs  engineers  focused  on  three  cutting-edge  technologies  — 
the  802.1x  wireless  LAN  security  standard,  Multi-protocol  Label 
Switching  and  the  iSCSI  protocol  for  IP  storage.  Page  61. 


Features 


Buyer’s  Guide: 

Storage-area  networks 

SANs  are  in  demand  these  days  as  a  way  to  provide 
business  continuance  in  the  event  of  a  network  dis¬ 
aster.  Page  71. 

Online  Buyer’s  Guide  chart  DocFinder:  9230 


Review 

Brocade  edges  McData  in  our  test  of  director-class 
SAN  switches.  Page  72. 

Exclusive  review 

NetScreen’s  new  firewall  appliances  offer  enhanced 
speed  and  usability.  Page  79. 
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Forum:  Ebbers  is  out;  what’s  next? 

Controversial  WorldCom  CEO  Bernie  Ebbers  has  quit  the  company. 
What  does  this  mean  for  the  carrier  and  its  customers?  Readers 
react  to  the  company's  future,  Ebbers'  many  acquisitions  and  more. 
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Compendium 

The  social  network 

Fusion  Executive  Editor  Adam  Gaffin  shows  you  how  one 
person  has  used  sociological  techniques  to  look  at  how  to 
design  a  computer  network. 

DocFinder:  9241 


N+l  news 

Heading  to  Las  Vegas?  Staying  home?  Either  way,  we've  got  you  covered. 
If  you're  going  to  the  big  show,  check  out  our  online  planner  of  the 
keynotes,  events  and  sessions  you  won't  want  to  miss  (PDA  fans  can 
download  it  into  their  devices).  If  you  can't  make  the  trip,  stay  on  top  of 
all  the  goings  on  at  our  N+l  breaking  news  page.  Plus,  Network  World 
Multimedia  Editor  Jason  Meserve  will  offer  daily  audio  roundups  from  the 
show  floor. 
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Your  daily  dose  of  cool 

Can't  wait  for  the  weekly  installation  of  our  Cool  Tools  column?  Have  no 
fear  —  every  day,  Cool  Tools  columnist  Keith  Shaw  will  update  you  on 
the  latest  news  on  gear  designed  to  make  your  professional  —  and 
personal  —  life  more  exciting. 
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Sharing  one  DSL  connection 

Columnist  Ron  Nutter  answers  a  reader  who  wants  two 

networked  PCs  to  share  Internet  access. 
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Virtual  firm  turns  to  Web  services 
Columnist  Jeff  Zbar  points  out  that  telework  won't  work  if 
you  can't  manage  the  paperwork,  clients,  projects  and 
accounts  well. 
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Sun  execs  hit  the  road 

■  Nonbelievers  say  something  more  sinister  is  afoot,  but  Sun  insists  last  week’s  announce¬ 
ment  that  President  and  COO  Ed  Zander  is  leaving  is  all  part  of  an  organized  succession 
process  that  the  company  wants  to  get  under  way  when  it  starts  a  new  fiscal  year  July  1. 
Zanders  announcement  comes  just  a  week  after  Suns  respected  CFO,  Mike  Lehman, said 
he  would  retire  July  1  .Two  other  senior  executives  with  long  tenures,  John  Shoemaker  and 
Larry  Hambly  also  recently  said  they  would  leave.  And  Stephen  DeWitt,  36, a  vice  president 
and  co-founder  of  Cobalt  Networks,  a  Linux  server  company  that  Sun  bought  in  2000,  left 
the  firm  last  week.  The  pending  departure  of  Zander,  55,  sent  Sun  shares  down  15%  last 
week  to  their  lowest  level  since  late  1998.  Amateur  hockey  player,  fulltime  Microsoft  basher 
and  CEO  Scott  McNealy  recently  said  he  wouldn’t  leave  the  company  but  hinted  last  week 
that  others  may  leave  by  July  Sun  recently  had  its  first-ever  layoffs  and  the  company  is  fac¬ 
ing  increasingly  stiff  competition  in  the  high-end  Unix  arena  from  IBM,  HP  and  others. 


No  foolin'  around 

■  When  the  new  Hewlett-Packard 
officially  launches  Tuesday,  it  will 
announce  details  about  which  HP 
and  Compaq  products  will  live  and 
which  will  die.The  newly  merged  HP 
and  Compaq  also  will  trim  the  num¬ 
ber  of  suppliers  it  uses  for  compo¬ 
nents  such  as  memory  chips  and 
monitors,  creating  a  significant 
reduction  in  costs,  Compaq  CEO 
Michael  Capellas  told  attendees  at  a 
technology  conference  sponsored 
by  Merrill  Lynch  last  week.  Capellas 
will  be  No.  2  at  HP  behind  chair¬ 
woman  and  CEO  Carly  Fiorina. 
Detractors  have  questioned  whether 
the  deal  will  help  HP  compete  more 
successfully  against  Dells  trim  hard- 


TheGoodTheBadTheUgly  IheBookofBigBIU® 


ware  distribution  model  or  IBM’s 
lucrative  services  business.  Capellas  said  HP  has  picked  a  simpler 
strategy  than  IBM’s  by  focusing  on  Microsoft  Windows,  Linux  and 
Intel  chips  as  opposed  to  Big  Blue’s  vast  hardware  portfolio  that 
has  a  number  of  operating  systems  and  chip  architectures.  Against 
Dell,  HP  will  use  some  of  the  expected  cost  reductions  in  combi¬ 
nation  with  its  hefty  research  and  development  efforts  to  edge  out 
its  rival’s  hardware,  he  said.  Capellas  also  hinted  about  the  com¬ 
bined  company’s  product  road  map,  saying  that  HP’s  OpenView 
management  software  will  run  across  all  the  company’s  hardware 
and  that  a  new  handheld  device  with  telephone  capabilities  was 
on  the  way. 


Let  that  be  a  lesson.  David  L.  Smith,  the  creator  of  the  Melissa 
virus  that  infected  thousands  of  computers  in  1999  and  caused  more  than  $80 
million  in  damage,  last  week  was  sentenced  to  20  months  in  federal  prison, 
What's  more,  the  judge  sentenced  Smith  to  three  years  of  what  essentially 
amounts  to  parole,  during  which  he  will  be  banned  from  logging  on  to  a  network 
without  court  permission. 

Under  attack.  Through  2005. 90%  of  cyber- 
attacks  will  exploit  known  security  flaws  for 
which  a  patch  is  available  or  a  solution  is  known, 
according  to  Gartner.  Of  course  if  the  software 
was  designed  right  in  the  first  place...  > 

Let’s  take  a  vote.  Global  media  company 
Vivendi  Universal  last  week  said  the  wireless  voting  system 
used  at  its  shareholders  meeting  appears  to  have  been  interfered 
with  by  hackers  and  that  the  vote  will  need  to  be  redone.  "This 
incident  is  extremely  serious  in  that  it  could  throw  suspicion  on 
the  entire  Paris  stock  market  and  all  the  shareholders  meetings 
currently  using  electronic  voting,  and  possibly  moving  to  Internet  voting  in  the 
future,"  the  company  said.  And  we  thought  the  U.8.  voting  system  had  problems. 


former  CEO  of  IBM,  has  nego¬ 
tiated  a  reported  $4  million  deal  to  write  a  book  about  the  tri¬ 
als  and  tribulations  of  running  one  of 
the  largest  companies  in  the  world. 
Gerstner  is  renowned  for  taking  Big 
Blue  by  the  horns  and  turning  it  into  a 
model  of  corporate  success,  lifting  its 
market  value  from  about  $29  bil¬ 
lion  —  the  company’s  market 
worth  the  year  before  he 
arrived  in  1993  —  to  about 
$181  billion  when  he  retired 
in  2001.  Rumor  has 
it  the  book  will 
be  all  business 
and  not 
memoir 
“tell-aH.” 
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Wireless  rats! 

Last  week,  we  read  about  researchers  in  New  York  who 
implanted  some  electrodes  in  a  rat's  brain,  strapped  on 
a  tiny  backpack  with  a  wireless  receiver  and  proceeded  to 
get  the  animal  to  navigate  a  maze  from  500  meters  away  by  hitting  keys  on  a 
keyboard.  Unfortunately,  none  of  the  published  reports  specified  exactly  which 
wireless  technology  they  used,  but  the  distance  would  seem  to  rule  out  Bluetooth. 
802.11b,  perhaps? 

Get  your  daily  dose  of  stuff  you  gotta  see  in  Compendium: 
www.nwfusiitn.com,  DocFinder:  9250. 


■  After  18  months  of 
development  work,  the 
Open-Office.org  Source 
Project  last  week  released  its 
alternative  to  Microsoft  Office, 
called  OpenOffice.  org  1 .0.  The  soft¬ 
ware  is  an  open  source  implementation 
of  Sun  StarOffice  and  includes  a  word 
processor,  spreadsheet,  presentation  manager,  and  drawing  program.lt  supports  multiple 
file  formats,  including  those  in  Microsoft  Office  and  runs  on  Solaris,  Linux  and  Windows. 
Versions  for  FreeBSD,  IRIX  and  Mac  OS  X  are  under  development. The  software  arrives  at 
a  time  when  many  IT  executives  are  evaluating  alternatives  in  the  face  of  Microsoft’s  new 
licensing  model,  which  could  substantially  raise  their  software  costs. 

Finger  food 

■  West  Seattle  Thiftway  a  grocery  store  in  Seattle,  last  week  began  using  fingerprint  bio¬ 
metrics  at  its  checkout  counters  to  let  shoppers  initiate  a  credit  card  payment  by  placing 
a  finger  on  a  reader. The  system,  put  together  by  VeriFone.Hypercom.Geneco  and  Indivos, 
is  believed  to  be  the  first  such  use  of  biometrics  in  a  grocery  store.  Store  owner  Paul 
Kapioski  said  West  Seattle  Thiftway  is  counting  on  voluntary  enrollment  of  shoppers  will¬ 
ing  to  let  the  store  scan  a  finger  so  they  can  use  that  finger  later  when  paying  for  groceries 
instead  of  using  a  credit  card  to  scan  a  credit  card  reader. 

Cisco  back  in  buying  mode 

■  Cisco  last  week  got  back  into  the  shopping  mood  as  it  purchased  two  start-ups  —  a  chip 
maker  and  an  IP  software  development  firm  —  for  a  combined  $258  million.  Cisco  bought 
Hammerhead  Networks,  an  85-employee  Beverly,  Mass.,  firm  that  develops  network  soft¬ 
ware,  for  $173  million.  Cisco  says  it  will  integrate  Hammerhead’s  products  into  its  service 
provider  edge  products,  including  cable,  broadband  Internet  and  leased-line  products. 
Then  Cisco  snatched  up  Navarro  Networks  of  Plano, Texas,  for  $85  million. The  25-person 
firm  was  acquired  for  its  ASIC  products,  which  Cisco  plans  to  integrate  into  its  Ethernet 
switch  portfolio.  The  two  companies,  which  were  both  partly  owned  by  Cisco,  represent 
the  first  two  acquisitions  this  year  by  the  network  giant.  Cisco  has  acquired  only  four  busi¬ 
nesses  in  the  past  15  months,  a  far  cry  from  the  23  firms  the  company  acquired  in  2000. 


Has  it  been  a  while  since  you  felt  this  secure 
about  your  wireless  network? 
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SMC2504W 
WLAN  Secure  Server 


Whether  you're  using  802.11a,  802.11b  or 
both,  SMC's  EliteConnect™  WLAN  Security 
System  provides  a  new  level  of  security, 
intelligence,  and  control  for  today's  wireless 
networks. 


Advanced  VPN  security,  user  authentication, 
and  rights  management  tools  make 
EliteConnect™  a  comprehensive  scalable 
solution  for  protecting  your  mission  critical 
data. 


For  more  information  about  EliteConnect 
and  SMC's  complete  line  of  wireless  net¬ 
working  solutions,  please  visit  our  Web  site 
at  http://elite.smc.com/nwwp  or  stop  by  our 
booth  for  a  demonstration. 
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WorldCom 

continued  from  page  1 

“In  five  years,  there  will  be  four  to  six  major  providers 
instead  of  the  10  to  12  we  have  now”  says  long¬ 
time  telecom  analyst  Hank  Levine,  a  partner  in  Levine, 
Blaszak,  Block  and  Boothby,  a  firm  specializing  in  tele¬ 
com  contract  negotiations. 

Which  companies  survive  will  be  tough  to  deter¬ 
mine,  Levine  says. 

Candidates  include  the  stronger  incumbents  and 
maybe  one  or  two  of  the 
weaker  players  teamed  with 
international  carriers  such 
as  Deutshe  Telecom  and 
British  Telecom. 

While  WorldCom  managed 
to  squeeze  $130  million  in 
profit  out  of  first-quarter  rev¬ 
enue  of  $8.1  billion,  revenue 
for  the  company  —  which 
includes  WorldCom  Group 
and  MCI  Group  —  actually 
fell  8%  compared  with  the 
year-ago  quarter. 

More  troubling  is  the  carri¬ 
er’s  debt  of  $28  billion,  a 
Securities  and  Exchange 
Commission  investigation 
into  its  accounting  prac¬ 
tices,  and  an  SEC  investiga¬ 
tion  into  $326  million  of 
loans  the  carrier  made  to 
Ebbers. 

Sidgmore  calls  the  SEC  investigations  “red  herrings,” 
but  observers  say  the  company  will  have  to  seek 
the  protection  of  Chapter  1 1  to  restructure  its  debt. 

Sidgmore  counters: “I  would  not  have  taken  this  job  if 
I  thought  we  were  going  to  be  out  of  business  next 
week.  I’m  not  a  bankruptcy  expert.” 

He  says  the  company  is  in  the  midst  of  a  30-day 
review  of  all  its  assets  in  an  effort  to  determine  what 
should  stay  and  what  should  go. 

The  largest  loadstone  is  MCI  Group,  which  sells  long¬ 
distance  to  wholesalers,  small  businesses  and  con¬ 
sumers.  MCI’s  first-quarter  revenue  was  down  16%  to  $3 
billion. 

But  even  WorldCom  Group,  which  peddles  services  to 
business,  saw  sales  slide.  Revenue  was  $5.1  billion, 
down  2%  from  the  same  period  a  year  ago.  Predictably, 
voice  revenue  was  the  biggest  drag,  down  12%,  but  even 
Internet  and  data  services  revenue  declined  1%  to 
$2.75  billion. 

One  bright  spot  was  in  the  international  services  divi- 
sion.This  group  reported  higher  revenue  at  $81 1  million 
compared  with  $710  million  in  the  first  quarter  of  2001. 
Although  Sidgmore  wouldn’t  comment  on  which  busi¬ 
ness  units  would  be  sold  off,  he  did  say  the  company 
has  no  plans  to  sell  off  the  one  unit  that’s  actually  show¬ 
ing  growth. 

“The  first  thing  you  have  to  do  when  someone’s  in  an 
accident  is  stabilize  the  patient.  That’ll  be  Sidgmore ’s 
first  order  of  business,”  says  Lisa  Pierce,  an  analyst  at 
Giga  Information  Group  and  a  Network  World  colum¬ 
nist.  "He’s  not  going  to  be  able  to  drive  up  revenue  ini¬ 
tially  so  he’ll  have  to  cut  costs  to  reduce  the  company’s 
debt.” 

Pierce  predicts  WorldCom  will  sell  off  its  fixed  wire¬ 
less  and  reseller  mobile  business.  But  others  question  if 
that  would  take  a  large  enough  bite  out  of  the  debt.  It’s 
possible  WorldCom  could  spin  off  MCI,  which  is  main¬ 
tained  as  a  tracking  stock. 

“One  option  is  for  WorldCom  to  no  longer  deliver  a 
dividend  on  the  tracking  stock,  which  will  save  the 


company  $300  million  per  year,”  says  Mike  Smith,  man¬ 
aging  director  at  Stratecast  Partners. 

Of  course,  WorldCom  is  also  acquisition  bait.  Pierce 
says  the  company  is  one  of  the  providers  that  could  be 
bought  up  sooner  rather  than  later.  Of  all  the  potential 
suitors,  she  says  SBC  Communications  might  be  the 
most  obvious,  although  SBC  Chairman  and  CEO  Ed 
Whitacre  says  no  way 

“I’m  not  buying  any  long-distance  company  I’m  not  buy¬ 
ing  anything,”  Whitacre  said  in  a  Reuters  story  last  week 
(www.  nwfusion.com,  DocFinder.  9248).  But  Whitacre’s 


declaration  hasn’t  squelched  all  speculation. 

Given  the  relative  strength  of  the  incumbent  local 
exchange  carriers  (ILEC)  —  sales  are  down  less,  they 
see  promise  in  new  services  such  as  DSL  and  long-dis¬ 
tance,  and  they  have  emerged  as  the  biggest  players  in 
terms  of  revenue  —  many  have  speculated  that  they 
will  ultimately  scoop  up  the  IXCs. 

But  it  won’t  be  as  neat  and  clean  as  that.  For  one,  the 
ILECs  still  face  daunting  regulatory  stumbling  blocks, 
Levine  says.  For  example,  if  BellSouth  were  to  buy 
AT&T,  it  would  be  forced  to  drop  AT&T’s  long-distance 
customers  in  Florida  —  a  state  where  BellSouth  is  the 
incumbent  local  provider  and  does  not  yet  have 
approval  to  offer  long-distance  services,  he  says. 

“It’s  a  myth  that  the  ILECs  will  take  over  the  world," 
says  Hillary  Mine,  executive  vice  president  at  Probe 
Research. 

“These  companies  are  losing  lines  at  a  rate  of  2% 
every  quarter  to  mobile  and  cable  modem  users. These 
are  companies  that  made  a  large  portion  of  their  profit 
off  of  access  line  charges,  which  the  [Federal 
Communications  Commission]  has  cut  by  50%  in 
recent  years.” 

International  service  providers  may  have  a  better  chance 
of  snatching  up  one  of  the  troubled  IXCs,  she  says. 

Reason  for  caution 

The  one  example  of  an  1XC  acquiring  an  ILEC  gives 
reason  for  caution.  Qwest’s  purchase  of  US  West  helped 
guarantee  cash  flow,  but  the  deal  hurt  Qwest’s  IXC  busi¬ 
ness,  Levine  says.  Qwest  was  forced  to  give  up  all  its  big 
business  long-distance  accounts  in  the  US  West  states. 
These  customers  included  some  of  Qwest’s  largest  and 
most  loyal  accounts,  Levine  notes. 

Today,  Qwest  is  floundering  in  its  own  right.  Last  week 
it  reported  a  loss  of  $698  million,  compared  with  a  $46 
million  loss  in  the  same  quarter  last  year,  on  revenue  of 
$4.4  billion,  down  13.5%. 

The  SEC  is  investigating  Qwest’s  accounting  prac¬ 
tices,  and  several  states  also  are  investigating  the  pos¬ 


sibility  that  Qwest  may  have  given  competitive 
providers  preferential  access  to  Qwest’s  network  in 
return  for  cooperation  on  Qwest’s  long-distance  appli¬ 
cations  to  the  FCC. 

“Qwest  has  to  focus  on  strengthening  its  balance 
sheet  and  rebuilding  confidence  in  the  investment 
community,”  Smith  of  Stratecast  Partners  says.“It  has  to 
sell  off  assets  to  bring  down  its  debt.”  The  company, 
whose  debt  is  hovering  at  around  $21  billion,  is  looking 
at  selling  its  directory  business,  which  could  bring  in  as 
much  as  $7  to  $8  billion.“That  seems  like  a  very  high  fig¬ 
ure,”  Smith  says. 

Like  WorldCom,  acquisition  ru¬ 
mors  are  swirling  around  Qwest. 
“There  has  been  a  lot  of  specula¬ 
tion  that  someone  will  acquire 
Qwest  and  that  might  happen,  but 
not  in  the  next  12  months,”  Smith 
says.  “BellSouth  has  a  relationship 
with  Qwest,  but  in  the  last  12  to  18 
months  it  hasn’t  been  amicable. 

“BellSouth  would  triple  its  debt 
load  if  it  were  to  acquire  Qwest  with 
its  existing  balance  sheet.That’s  not 
going  to  happen, ’’Smith  says. 

What  is  more  likely  is  that  Qwest 
will  become  a  viable  acquisition 
target  for  another  service  provider 
after  it  reduces  its  debt,  Smith  says. 
“But  we  don’t  see  any  one  company 
pulling  the  trigger  yet.” 

CEO  Joe  Nacchio’s  time  at  Qwest 
is  nearly  over,  Giga’s  Pierce  says. 
If  the  board  lets  him  go  there  will 
be  a  lot  of  housecleaning,  she  says.  In  fact,  all  the  IXCs 
are  top-heavy.  The  re  will  likely  be  more  staff  reductions 
at  the  higher  levels  of  these  companies  in  an  effort  to 
reduce  expenses,  she  says. 

While  AT&T’s  fate  isn’t  quite  as  uncertain  as 
WorldCom’s  or  Qwest’s,  it  too  is  fighting  its  own  finan¬ 
cial  battle  (www.nwfusion.com,  DocFinder:  9249). 

AT&T  just  reported  a  loss  of  $975  million  on  revenue 
that  was  down  8.4%  to  $12  billion  compared  with  the 
first  quarter  of  2001. 

In  the  core  business  service  sector  —  what  AT&T  will 
be  left  with  after  selling  off  the  AT&T  Broadband  cable 
TV  assets  to  Comcast  and  creating  AT&T  Consumer  as  a 
tracking  stock  —  first-quarter  revenue  of  $6.53  billion 
was  down  8%  compared  with  the  same  quarter  last 
year. 

AT&T  says  its  data,  IP  and  managed  services  revenue 
grew  by  6%  compared  with  the  first  quarter  of  last  year. 
But  business  long-distance  voice  service  revenue 
dropped  by  19%. 

Pierce  questions  whether  it’s  a  good  idea  to  spin  off 
AT&T  Consumer  at  this  time.“There  is  the  question  if  it’s 
a  good  idea  to  operate  a  network  that’s  only  used  dur¬ 
ing  business  hours,"  she  says.  “And  who  would  want 
AT&T  Consumer  right  now?"  It’s  difficult  to  say  how 
appealing  these  lines  of  business  will  be  to  any  com¬ 
pany  right  now,  even  a  company  such  as  SBC  that  may 
continue  to  focus  on  residential  and  small-business 
customers. 

Oddly  enough,  the  one  IXC  that  looked  the  weakest  12 
to  18  months  ago  may  be  in  the  best  position  today. 
Sprint’s  future  didn’t  look  especially  bright  when  the 
company  scrapped  its  much-publicized  push  for  a  con¬ 
verged  network,  know  as  ION,  last  year.  But  Sprint’s  first- 
quarter  results  show  sales  up  8%  to  $6.7  billion  and  net 
income  of  $140  million. 

Analysts  say  that  Sprint,  the  third-largest  IXC,  may  be 
the  strongest  with  an  established  long-distance  busi¬ 
ness  customer  base,  strong  ILEC  business  and  large 
wireless  business  unit  ■ 
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a  p  the  local  behemoths  is  down  comparatively  less, 
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Air  Force  goes  on  net  security  offensive 

Battlelabs  play  a  key  role  in  fighting  the  threat  of  cyberterrorism. 


■  BY  ELLEN  MESSMER 

WASHINGTON,  D.C.  —  The  U.S. 
Air  Force  is  adding  firepower  to 
its  network  defenses  by  increas¬ 
ing  intrusion-dete 
measures  at  dozens 
of  bases  around 
the  country  as 
the  threat  of 
cyberattacks 
escalates  in 
the  post-Sept. 

1 1  age  of 
terrorism. 

To  secure  the 
military’s  phone 
lines  from  unautho¬ 
rized  use  and  prevent  hack¬ 
ers  from  breaking  into  data  net¬ 
works  by  modem-based  “war 
dialing,”  the  Air  Force  is  installing 
SecureLogix’s  Enterprise  Tele¬ 
phony  Management  (ETM)  suite 
at  every  base  in  the  country.  It  has 
added  Battelle’s  network  attack 
visualization  tool  to  get  a  bird’s- 
eye  view  of  attempted  attacks 
from  the  Internet.  These  are  just 
two  such  projects  among  many 

“Intrusion-detection  systems 
are  now  mandator^’ says  Lt.Gen. 
Jack  Woodward,  a  top  gun  who 
has  led  the  process  of  “Web- 
ifying”  applications  that  the  Air 
Force  uses,  while  finding  ways  to 
shield  data  that’s  put  at  higher 
risk  with  open  systems.  The  Air 
Force  employs  350,000  military 
personnel  and  145,000  civilian 


personnel  around  the  world,  all 
of  whom  may  make  use  of  the 
Internet;  the  switched  voice,  data 
and  video  networks  that  the 
Defense  Information  Systems 
Agency  (DISA)  maintains; 
or  secured  private  IP 
networks. 

The  military  is 
concerned  that 
network-based 
attacks,  a  peren¬ 
nial  problem 
from  the  Internet, 
may  be  growing 
in  severity  In  late 
March,  unknown 
hackers,  apparently  from 
outside  the  U.S.,  tried  to  break 
into  the  network  at  Wright- 
Patterson  Air  Force  Base  in  Ohio. 
They  made  125,000  attempts  to 
do  so  in  a  matter  of  hours,  accord¬ 
ing  to  officials  there,  in  what  may 
have  been  an  attempted  denial- 
of-service  attack. 

The  base  is  home  to  the  Air 
Force  Material  Command  head¬ 
quarters,  the  National  Air 
Intelligence  Center,  research  labo¬ 
ratories  and  the  program  office 
for  the  B-2  Stealth  bomber,  F-22 
Stealth  fighter  and  other  weapons 
systems  —  plus  a  government 
supercomputer  center. 

Team  effort 

Based  at  the  Pentagon  as 
deputy  chief  of  staff  for  commu¬ 
nications  and  IT,  Woodward  gets 


lots  of  help  in  determining  pro¬ 
tective  measures.  Key  assistance 
often  comes  from  the  Air  Force 
Information  Warfare  Battlelabs, of 
which  there  are  seven  in  the  U.S. 

These  aren’t  research  and 
development  labs,  but  military- 
run  organizations  scouting  out 
the  best  ways  to  do  everything 
from  radar  and  electronic  war¬ 
fare  to  psychological  operations. 
The  two  “battlelabs”  with  the 
most  focus  on  software,  hardware 
and  telecom  are  said  to  be  at 
Lackland  Air  Force  Base  in  Texas 
and  Hurlburt  Field  Air  Force 
Base  in  Florida. 

Staff  working  at  these  battlelabs 
review  off-the-shelf  software  and 
run  operational  pilots  at  Air 
Force  bases  before  large-scale 
purchases  are  made  for  anything 
from  collaboration  software  to 
intrusion-detection  systems. 

Lt.  Col. Glenn  James,  who  works 
with  a  team  of  about  two  dozen 
staff  at  the  Lackland  Information 
Warfare  Battlelab,says  he  usually 
can  just  pick  up  the  phone  and 
call  the  Pentagon  to  notify  Wood¬ 
ward  when  something  interest¬ 
ing  is  in  the  works. 

“Our  folks  demonstrate  new 
things  and  try  them  out  to  prove 
their  value  before  the  military 
spends  millions  on  it,”  James 
says. 

One  recent  project  that  passed 
through  battlelab  inspection 
and  is  making  it  to  full  deploy¬ 


ment  in  the  Air  Force,  although 
not  the  entire  military,  is 
SecureLogix’s  ETM. 

The  Air  Force  is  spending  $8 
million  on  ETM  products,  which 
include  the  TeleWall  Firewall  for 
putting  restrictions  on  inbound 
and  outbound  telecom  commu¬ 
nications.  ETM  was  first  put  into 
an  operational  test  a  year  ago  at 
Peterson  Air  Force  Base  and 
Schriever  Air  Force  Base,  both  in 
Colorado,  with  help  from  the 
Lackland  battlelab. 


Woodward  says  he  now  wants 
every  Air  Force  base  to  use  ETM 
to  protect  telecom  systems  by 
monitoring  and,  when  needed, 
blocking  inbound  or  outbound 
calls.  “We’re  focusing  on  opera¬ 
tional  threat  reduction,”  he  says. 
“This  is  the  Air  Force  concept  of 
defensive  depth.” 

The  Air  Force  calls  the  deploy¬ 
ment  its  Telecommunications 
Firewall  Initiative,  which  is 
expected  to  be  largely  com¬ 


plete  by  year-end. 

Test,  test  and  test  again 

Woodward  adds  that  the  Air 
Force  not  only  relies  on  the  bat¬ 
tlelabs  for  assistance,  but  also 
requires  software  and  hardware 
to  pass  technical  integration  tests 
done  at  Scott  Air  Force  Base  in 
Belleview,  Ill.,  to  ensure  new 
equipment  will  work  with  the 
installed  base. 

“It’s  an  enterprise  approach,” 
Woodward  says,  with  new  gear 


expected  to  win  the  Air  Force 
“certificate  of  net-worthiness.” 

The  SecureLogix  TeleWall  also 
has  received  the  internationally 
recognized  Common  Criteria 
certification  to  assure  that  soft¬ 
ware  works  properly  and  has  no 
known  security  holes. 

There  are  other  important  prod¬ 
uct-review  labs  in  the  military, 
such  as  the  Joint  Interoperability 
Test  Command,  overseen  by 
DISA,  to  which  vendors  must 
sometimes  submit  their  products 
for  review  befpre  purchase. 

Does  the  military  try  to  coordi¬ 
nate  any  of  these  product 
reviews  among  the  Air  Force, 
Navy  and  Army?  Not  formally, but 
“we  all  share  with  each  other 
what  we  do,”  Woodward  says. 
“And  we’re  doing  more  dramatic 
preplanning,  especially  as  we  go 
to  war.”  ■ 


Correction 


■  A  calculating  error  inflated 
three  percentage  figures  at  the 
top  of  the  NW200  story  in  last 
week's  issue.  The  story  should 
have  said  sales  for  the  NW200 
slid  2%  compared  to  the  revenue 
for  the  group  in  2000,  and  the 
market  cap  for  the  NW200  was 
down  26%  compared  with  2000 
and  60%  compared  with  1999. 


NetVmg  boosts  route-control  software 

Company’s  appliances  can  be  used  to  choose  optimal  Internet  links. 


■  BY  TIM  GREENE 

SAN  JOSE  —  NetVmg  —  until  now  exclu¬ 
sively  a  provider  of  route-control  software 
—  this  week  will  announce  three  appli¬ 
ances  designed  to  streamline  the  imple¬ 
mentation  of  its  technology  in  corporate 
networks  as  a  way  to  cut  costs  and  improve 
Internet  performance. 

Rather  than  loading  components  of  Net- 
Vmg’s  Flow  Control  Platform  (FCP)  software 
on  separate  servers,  customers  now  can  buy 
an  appliance  preloaded  with  all  the  software 
they  need. 

Once  installed  in  a  corporate  network 
that  has  links  to  multiple  ISPs  —  a  multi¬ 
homed  setup  —  the  devices  make  deci¬ 
sions  about  which  connection  is  best  to 
use  based  on  cost  and  delay  priorities  that 
users  set  . The  company  says  it  has  sized  the 
FCP  50R,  FCP  1000  and  FCP  5000  boxes  for 


sites  ranging  from  headquarters  to  branch 
offices. 

FCPs  monitor  traffic  flows  in  and  out  of  cor¬ 
porate  sites  to  determine  the  delay  the  traffic 
experiences  and  whether  one  of  the  other 
ISPs  to  which  the  company  is  connected  can 
supply  faster  or  less  expensive  service.  The 
FCP  then  instructs  corporate  routers  to  use 
the  chosen  ISP 

With  its  new  appliances,  NetVmg  also  is 
announcing  that  it  passively  monitors  traffic 
flows  rather  than  sending  out  test  traffic  that 
adds  to  network  congestion. 

The  software  on  the  new  appliances  now 
supports  multihoming  between  Internet 
connections  and  frame  relay  networks.  So 
if  a  branch  office  is  connected  to  the 
Internet  and  also  has  a  frame  relay  link 
back  to  headquarters,  an  FCP  can  compare 
performance  on  the  two  and  decide  which 
applications  should  take  which  path  back 


to  headquarters. 

NetVmg  says  this  lets  users  migrate  certain 
applications  off  the  frame  relay  network  and 
evaluate  whether  they  can  get  by  with  small¬ 
er  frame  links. 

While  corporations  can  buy  these  devices 
and  install  them  in  their  networks,  one  ser¬ 
vice  provider  is  using  them  to  supply  cor¬ 
porate  customers  with  a  route-control  ser¬ 
vice.  Equinix,  an  Internet  business  ex¬ 
change  that  collocates  peering  points 
between  major  carriers  with  its  points  of 
presence,  provides  FCP  software  for  its  cus¬ 
tomers  to  switch  among  as  many  as  seven 
different  ISPs  based  on  cost  and  perfor¬ 
mance  parameters. 

FCP  50R  monitors  50  flows  and  costs 
$12,000;  FCP  1000  monitors  2,500  flows  and 
costs  $100,000;  and  FCP  5000  monitors  10,000 
flows  and  costs  $200,000. 

NetVmg:  www.netvmg.com 


HI  (Intrusion-detection  systems 
are  now  mandatory.  1 1 

Lt.  Gen.  Jack  Woodward 

Deputy  chief  of  staff  for  communications 
and  IT,  U.S.  Air  Force 


Digex  And  WorldCom  Have  Teamed  To 
Create  A  Powerful  New  Force  In  e-Business. 


Give  Your  e-Business  An  Edge  With  The  Leaders 
In  Web  And  Application  Hosting. 

Combine  innovation  with  global  reach,  and  you've  got  e-Business.  But  when  you  add  Digex  and 
WorldCom,  you've  got  something  even  more  powerful.  By  running  your  Web  operations  with  us, 
you'll  not  only  benefit  from  our  industry-leading  experience  in  Web  and  applications  hosting, 
you’ll  also  be  tapping  directly  into  the  world’s  farthest-reaching  network,*  backed  by  Sun's  systems 
and  software.  With  three  of  the  industry's  most  powerful  leaders  working  together  to  keep  your 
site  secure  and  available,  your  e-Business  can  be  a  force  to  be  reckoned  with. 

Call  1-800-265-0503  or  visit  www.worldcom.com/sun 

for  a  FREE  Web  Infrastructure  Analysis  and  a  Forrester  Report 

on  buying  Web  Infrastructure. 
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Hitachi  raises  the  storage  bar 

New  arrays,  storage  software  could  challenge  market  leader  EMC. 


HiCommand  highlights 

Hitachi’s  new  modules  for  its  storage  management  system 
complement  the  company’s  new  high-end  arrays. 


Module 

Function 

Availability 

Device  Manager 

Manages  physical  and  logical 
characteristics  of  storage  devices. 

Now 

Copy  Manager 

Prioritizes  back-up  and  recovery 
tasks  among  software  packages, 
such  as  those  from  Veritas, Tivoli 
and  Legato. 

June 

Policy  Manager 

Automates  scheduling  of  tasks 
affecting  devices,  data  and 
applications. 

Year-end 

Performance 

Manager 

Provides  a  centralized  interface 
for  monitoring,  analyzing  and 
reporting  on  storage  performance 
and  capacity. 

June 

Provisioning 

Manager 

Consolidates  pools  of  data. 

November 

Protection 

Manager 

Enables  HiCommand  to  work  with 
back-up  and  recovery  and 
disaster-recovery  software  from 
Hitachi  and  others. 

June 

■  BY  DENI  CONNOR 

LAS  VEGAS  —  Hitachi  Data 
Systems  this  week  will  unveil  two 
high-end  storage  arrays,  plus  a 
handful  of  management  software, 
that  observers  say  exceed  any¬ 
thing  EMC  offers  business  cus¬ 
tomers  in  terms  of  capacity, 
resiliency  and  performance. 

Hitachi,  which  resells  its  stor¬ 
age  products,  or  sells  them  in  an 
OEM  capacity,  through  the  likes 
of  Hewlett-Packard  and  Sun,  will 
use  NetWorld+Interop  2002  Las 
Vegas  this  week  to  introduce: 

•  The  9970  and  9980  V  Freedom 
Storage  Lightning  arrays,  which 
feature  a  new  switching  fabric, 
and  the  larger  of  which  tops  out 
at  147  terabytes  of  storage  across 
as  many  as  1 ,024  drives. 

•  New  modules  for  its  Hi¬ 
Command  software  suite  that 
offer  provisioning,  performance, 
policy  and  device  management, 
and  work  with  other  vendors’ 
storage  management  software 
(see  graphic). 

“[These  announcements]  ex¬ 
tend  the  definition  of  enterprise- 
class  storage  and  start  to  look 
like  utility-class  storage  with  pro¬ 
visioning  and  quality-of-service 


features,”  says  Tony  Prigmore,  a 
senior  analyst  with  Enterprise 
Storage  Group,  referring  to  the 
type  of  storage  systems  typically 
suited  more  for  service  providers 
with  huge  data  centers. 

The  new  boxes  are  powerful 
and  most  similar  to  next-genera¬ 
tion  designs  from  start-ups  such 
as  3ParData,  Cereva,  Yotta  Yotta 
and  Zambeel.The  Hitachi  arrays 
feature  a  cross-bar  switch, 
dubbed  Hi-Star,  which  the  compa¬ 
ny  says  can  handle  as  many  as 
4,400  transactions  per  minute, 
two  or  three  times  faster  than 
most  competitors’  controllers.The 
new  Hitachi  arrays  also  will  allow 
for  blades  that  support  the  latest 
storage  connectivity  technolo¬ 
gies,  from  iSCSI  to  InfiniBand. 

EMC’s  high-end  Symmetrix 
8830  array  maxes  out  at  69  tera¬ 
bytes  of  storage  and  relies  on  a 
shared  internal  bus  to  connect 
Fibre  Channel  ports  to  cache 
memory  and  disk  drives. 

Perhaps  the  unique  aspect  of 
the  new  Hitachi  arrays  is  their 
Virtual  Storage  Ports,  Prigmore 
says.  These  ensure  that  even  if  a 
server  fails  and  can  no  longer 
reach  a  Hitachi  array,  other 
servers  connected  to  the  storage- 


area-network-attached  arrays 
can  still  access  data. 

“The  benefit  is  that  in  a  shared 
storage  environment  where  a 
SCSI  bus  may  fail  and  reset  itself, 
the  impact  is  limited  only  to  the 
attached  server  rather  than  ham¬ 
mering  the  performance  of  all 
connected  hosts,”  he  says. 

Pricing  information  on  the  new 
arrays  is  not  available,  but  high- 
end  arrays  typically  start  at 
around  $100,000  and  can  scale 
up  quickly. 

Hitachi  declined  to  comment 
on  its  upcoming  announcements, 
but  company  documents  show 
that  the  offerings  will  be  unveiled 
as  part  of  a  strategy  dubbed 
TrueNorth.  The  plan  emphasizes 
Hitachi’s  willingness  to  work  with 
other  vendors  and  adhere  to 
industry  standards  such  as  the 
Simple  Object  Access  Protocol 
and  Common  Information  Model 
to  offer  customers  flexibility  in 
building  storage  networks. 

Customers  such  as  Kevin  Ball¬ 
mer  of  Aegon  USA  in  Louisville, 
Ky,  have  opted  for  Hitachi  arrays 
in  the  past  based  on  the  products’ 
performance,  reliability  and  cost. 
But  Ballmer  also  appreciates 
Hitachi’s  continued  efforts  to 


ensure  that  its  products  work  with 
those  from  other  vendors,  such  as 
by  making  APIs  available  to  them. 

“We  don’t  necessarily  get  every¬ 
thing  from  one  vendor,”  he  says. 


“We’re  looking  at  best-of-breed 
when  we  put  things  together  and 
don’t  want  to  get  locked  into 
[proprietary]  architectures.” 

Hitachi:  www.hds.com 


Performance  mgmt.,  SNMP  packages  on  tap  at  N-H 


■  BY  DENISE  DUBIE 

LAS  VEGAS  —  Users  looking 
to  get  more  control  over  their 
networks  and  the  services  they 
deliver  will  want  to  check  out 
network  management  software 
and  tools  from  two  manage¬ 
ment  vendors  on  display  at  Net¬ 
World+Interop  2002  Las  Vegas 
this  week. 

With  tight  IT  budgets,  network 
management  vendors  have 
been  working  to  help  users  get 
more  out  of  their  networks  with 
software  and  appliances  that 
optimize  performance  and  ser¬ 
vice  across  networks.  In  addi¬ 
tion  to  a  slew  of  management 
products  highlighted  last  week 
by  Network  World  (see  www.nw 
fusion.com,  DocFinder:  9245), 
Network  Physics  and  SNMP 
Research  this  week  will  show 
how  their  tools  help  users  bet¬ 
ter  use  bandwidth  and  auto¬ 
mate  network  configuration, 
respectively. 


Network  Physics  is  set  to  debut 
its  Internet  traffic  management 
product,  called  NP-1000.  NP- 
1000  is  made  up  of  two  appli¬ 
ances  with  embedded  software 
that  are  connected  to  a  port  on 
a  router  in  a  customer’s  net¬ 
work.  One  appliance  passively 
collects  data  flowing  into  and 
out  of  the  router  while  the  other 
maintains  a  database  of  the  col¬ 
lected  metrics  —  such  as 
response  times  between  the 
router  and  a  server. 

Customers  can  access  the  data 
in  the  database  from  any  ma¬ 
chine  running  a  Web  browser. 
The  software  also  can  feed  data 
via  SNMP  to  any  network  and 
systems  management  console. 
Pricing  is  based  on  throughput 
and  can  range  from  $25,000  to 
$90,000. 

“The  point  is  to  provide  infor¬ 
mation  about  how  the  network 
traffic  is  traveling  and  even 
reporting  on  parts  of  the  path, 
for  example,  ISP  hops,  that  you 


don’t  own,”  says  Nick  Gualt, 
Network  Physics  CEO.  The  com¬ 
pany,  founded  in  March  2001,  is 
looking  to  reduce  Internet  con¬ 
nectivity  costs  and  optimize 
end-to-end  performance  for 
enterprise  users,  he  says.  “Most 
companies  don’t  always  know 
who  or  what  is  using  the  band¬ 
width,  but  we’re  showing  that  by 
giving  a  view  into  every  packet 
and  every  flow.” 

Also  at  N+I,  SNMP  Research 
will  show  users  its  three  new 
software  applications  designed 
to  make  upgrading  to  SNMP 
Version  3  more  appealing  and 
easier  for  enterprise  companies. 
The  latest  version  of  the  proto¬ 
col  has  built-in  security  features 
that  can  save  users  time. 

And  some  network  device 
vendors,  such  as  Cisco  and 
Nortel,  have  upgraded  their 
equipment  to  SNMP  Version  3. 
Now  with  the  help  of  SNMP  Re¬ 
search’s  software,  users  can 
configure  their  software  faster 


to  tap  into  SNMP  Version  3  on 
those  devices,  according  to  Jim 
Warren,  vice  president  of  busi¬ 
ness  development  at  SNMP 
Research. 

“Upgrading  to  SNMPv3  . . .  does 
take  some  configuration  work  to 
get  all  agents,  software  and 
machines  using  the  same  ver¬ 
sion. We ’re  providing  a  tool  kit  to 
help  users  turn  on  those  fea¬ 
tures  in  their  devices  and  take 
advantage  of  this  standard,” 
Warren  says. 

The  three  new  applications  that 
fall  into  SNMP  Research’s  Enter- 
Fbl  Securelntelligence  manage¬ 
ment  suite  are  SNMPv3  Con¬ 
figuration  Wizard,  CIAgent  Policy- 
Pro  and  CIAgent  Monitor.  The 
software  runs  on  Solaris,  Win¬ 
dows  and  Linux  servers. 

A  configuration  wizard  leads 
users  through  the  process  of  set¬ 
ting  up  access  rights  and  notifi¬ 
cation  targets  for  new  users  of 
SNMP  Version  3.  CIAgent  Fblicy- 
Pro  takes  the  configuration  poli¬ 


cies  and  rules  established  with 
the  configuration  wizard  and 
pushes  them  out  to  multiple 
agents  and  devices.  The  applica¬ 
tion  automates  the  process  and 
lets  network  managers  use  all  or 
just  a  portion  of  a  preset  configu¬ 
ration  and  apply  it  to  new  agents, 
saving  time  in  configuration. 

And  CIAgent  Monitor  monitors 
the  health  and  performance  of 
the  SNMPv3-compatible  devices, 
servers  and  agents  on  a  user  net¬ 
work.  It  provides  reports  on  met¬ 
rics  such  as  the  disk  usage,  CPU 
usage  and  memory,  and  graphi¬ 
cally  displays  the  data  in  a  dash¬ 
board-like  application. 

Available  now,  the  three  new 
tools  are  packaged  together  as 
standard  applications  as  part  of 
the  EnterPol  product,  which 
costs  $5,000. 

N+I:  www.key3media.com/ 

interop/index. php;  Network 
Physics:  www.networkphysics 
.com;  SNMP  Research:  www. 
snmp.com 
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The  Bottom  Line: 


Performance  far  beyond 
“built-in"  limits  I 
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uilt-in  limits  can  create 
performance  barriers... 

Why?  Built-in  defragmenters  require  system  admin  privs  to 
run,  but  cannot  be  run  remotely.  They  drain  system 
resources  when  running,  but  need  to  be  run  daily.  Today's 
system  demands  require  a  fast,  transparent  and  automated 
defragmenter — something  a  "lite"  defragmenter  can't 
deliver.  Diskeeper®  7.0  is  so  advanced  it  runs  itself,  precisely 
when  needed,  anywhere  on  the  network.  It's  like  hiring  an 
expert  to  constantly  monitor  system  performance  and  keep 
it  peaking — with  increases  up  to  200%  or  more. 


m 


'These  tests 
clearly  show... 
Diskeeper  is  a 
better  product  for 
defragmentation.' 
— Lloyd  Holder ; 

CEO  of  NSTL 


What  does  Microsoft®  say?  "The  version  included  with 
Windows  2000  provides  limited  functionality  in  maintaining 
disk  performance..."  "If  you  need  to  automate  the  disk 
defragmentation  process,  obtain  a  third-party  disk 
defragmenter  tool."  —  Microsoft  Knowledgebase  articles 
Q227463/Q223146 

Can  you  really  afford  to  use  a  manual  defragmenter? 

"The  decision  to  defragment  the  enterprise  automatically 
versus  manually  will  save  companies  thousands  if  not  millions 
of  dollars."  —  IDC 
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Call  1-800-829-6468 

extension  #3004 


For  less  than  the  cost  of  a  minor  memory  upgrade 
Diskeeper  could  be  increasing  the  speed  of  your 
system  now — automatically! 


Download  it  immediately  at 

www.NW4.diskeeper.c 

30-day  Trialware  and  more  info  also 
available  at  this  location 
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Vendors  to  address 
wireless  LAN  foibles 


Management,  security  to  be  featured  in  new  products. 


■  BY  DENISE  DUBIE 
AND  JOHN  COX 

LAS  VEGAS  —  Vendors  this 
week  will  attempt  to  address 
concerns  among  wireless  LAN 
users  regarding  management 
and  security  as  well  as  deploy¬ 
ment  of  mixed  802.11b  and 
802.1  la  nets. 

Among  the  companies 
announcing  new  technology 
will  be  Network  Associates’ 
Sniffer  Technologies  business, 
which  is  unveiling  software  for 
managing  wireless  LANs  from  a 
handheld  device. 

Sniffer  Portable  Wireless  PDA 
software  runs  on  a  Compaq 
iPaq  handheld  outfitted  with 
Microsoft’s  Pocket  PC  technol¬ 
ogy  and  an  802.11b  card,  and 
lets  network  administrators 
learn  the  effective  range  of 
access  points  and  detect 
intruders  by  surfing  wireless 
LAN  channels.  The  new  $4,000 
software  can  feed  data  to  a 
desktop-  or  laptop-based  edi¬ 
tion  of  Sniffer  Wireless  for  in- 
depth  analysis. 

Network  managers  “are  going 
to  want  to  know  how  well  their 
access  points  are  working,  and 
this  tool  will  pick  up  on  interfer¬ 
ence  in  different  parts  of  a  build¬ 
ing.  It  lets  users  know  how  effec¬ 
tive  those  access  points  are,”  says 
Eric  Hemmendinger,  a  research 
director  with  Aberdeen  Group. 

A  similar  product,  from  start-up 


\  I  / 


THIS  WEEK'S  QUESTION: 

What  words  are  behind 
the  acronym  SAML,  an 
emerging  XML-based 
security  standard? 


Answer  this  and  nine  additional  questions 
online  and  you  could  win  $500!  Visit 

Ntwwt  World  hisiea  and  enter  2349 

in  the  Search  box. 


Hands-on  work 


Sniffer  Portable  Wireless  PDA  software  lets  users  monitor 
performance  of  their  wireless  LANs  from  their  handhelds. 
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At  a  glance,  users 
can  see  the  source, 
destination  and  type 
of  traffic  running 
across  their  wireless 
LAN. 
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Network  manag¬ 
ers  can  also 
receive  alarms 
regarding  wire¬ 
less  LAN 
performance. 
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AirMagnet,  recently  made  its 
debut  (see  www.nwfusion.com, 
DocFinder:  9246). 

The  full  picture 

Elsewhere  on  the  manage¬ 
ment  front,  Finisar  will  high¬ 
light  a  new  version  of  its 
Surveyor  performance  manage¬ 
ment  and  testing  software  that 
works  with  802.11b  wireless 
LANs  from  companies  such  as 
3Com,  Cisco  and  Symbol 
Technologies.  The  software, 
which  sits  on  a  laptop  outfitted 
with  a  wireless  LAN  card,  per¬ 
forms  seven-layer  packet  and 
traffic  analysis  of  radio  fre¬ 
quency  signals.  It  also  can  be 
used  to  strategically  place 
access  points  and  can  recom¬ 
mend  corrective  actions  when 
it  detects  problems  on  a  wire¬ 
less  LAN.  The  software,  which 
the  company  says  likely  will 
cost  about  $8,000,  will  be  avail¬ 
able  for  802. 1 1  b  nets  in  June. 

Separately,  Agere  Systems  will 
introduce  a  program  for  moni¬ 
toring  its  wireless  LAN  access 
points. The  software,  which  runs 
on  Windows  machines,  promis¬ 
es  to  give  administrators  infor¬ 
mation  on  network  traffic  and 
let  them  configure  access 


points  remotely.  A  software 
license  to  manage  up  to  five 
access  points  costs  $1,000;  an 
unlimited  license  costs  twice 
that. 

Also  next  week,  Symbol  will 
debut  MobiusGuard,  software  for 
its  Spectrum24  wireless  LAN 
access  points  that  promises 
improved  security  MobiusGuard 
includes  code  from  Columbitech 
that  handles  encryption  and 
authentication  between  clients 
and  servers,  and  maintains  a  ses¬ 
sion  even  if  clients  move  between 
local  and  wide-area  wireless  nets. 
Symbol  plans  to  add  virtual  LAN 
capabilities  as  well. 

Agere  and  Symbol  also  are 
releasing  plug-in  cards  that  will 
add  a  5-GHz  11a  transceiver  to 
their  existing  802.11b  access 
points. 

In  a  related  introduction, 
Tality  will  demonstrate  an 
802.11  Media  Access  Control 
software  stack  that  will  let  chip 
makers  support  802.11b  and 
802.11a,  paving  the  way  for 
more  advanced  dual-mode 
products.  A  single  network 
interface  card  with  such  a  chip 
could  communicate  with 
either  802.11b  or  802.11a 
access  points.  ■ 


Verio  enhances 
VPN,  host  services 


■  BY  DENISE  PAPPALARDO 
AND  JENNIFER  MEARS 

LAS  VEGAS  —  Verio  is  taking 
steps  beyond  its  shared  hosting 
roots  by  rolling  out  services 
designed  to  meet  the  needs  of 
larger  businesses  that  want  fea¬ 
tures  such  as  enhanced  back¬ 
up  and  load  balancing.  It’s  also 
announcing  an  economical  IP 
VPN  service  that  takes  advan¬ 
tage  of  its  parent  company’s 
global  network. 

The  new  offerings,  which  will 
be  announced  this  week  at 
NetWorld+Interop  2002  Las 
Vegas,  make  use  of  Verio’s  new 
worldwide  reach  and  illustrate 
its  efforts  to  attract  bigger  busi¬ 
ness  customers,  while  continu¬ 
ing  to  provide  options  for  its 
established  small  and  midsize 
customer  base. 

In  the  hosted  services  depart¬ 
ment,  Verio  is  introducing  a 
package  of  modular  service 
components  that  address  secu¬ 
rity,  disaster-recovery,  perfor¬ 
mance  and  availability,  and  can 
be  mixed  and  matched  accord¬ 
ing  to  customer  needs,  says 
John  Scott,  vice  president  of 
product  development  for  the 
enterprise  hosting  unit  at  Verio, 
a  wholly  owned  subsidiary  of 
NTT  Communications. 

The  services  include  a  hot 
database  backup,  which  lets 
Verio  back  up  systems  without 
affecting  system  performance; 
local  and  global  load-balancing 
services;  managed  security  ser¬ 
vices;  and  enhanced  monitoring 
services  that  tell  not  only 
whether  a  Web  site  is  up,  but  also 
whether  its  applications  are  run¬ 
ning  properly. 

Analysts  say  these  services 
will  help  Verio  as  it  hunts  for 
larger  customers,  but  warn  that 
the  company  has  a  long  way  to 
go  to  compete  with  managed 
hosting  companies  such  as 
Digex. 

“Ultimately  that’s  where  they’d 
like  to  be,  but  I  think  they’ve  got 
a  long  road  ahead  of  them  to  get 
there,”  says  Courtney  Quinn,  a 
senior  analyst  at  The  Yankee 
Group.  “It’s  a  good  first  step  for 
them.” 

Verio  executives  did  not  re¬ 
lease  specific  details  about  pric¬ 
ing,  but  say  the  services  would 
range  from  several  hundred  to 
several  thousand  dollars  per 


month,  depending  on  the  size 
and  configuration  of  the  hosting 
platforms. 

For  VPN  customers,  Verio  has 
deployed  Cosine  VPN  devices  at 
four  sites  throughout  its  global 
network  to  support  edge-to-edge 
IP  Security  (IPSec)  tunnels  over 
Verio’s  public  IP  network.The  ISP 
has  deployed  two  boxes  at  each 
site  for  redundancy.Verio  expects 
to  add  additional  sites  as  the  ser¬ 
vice  rolls  out. 

While  the  ISP  already  offers  a 
customer  premises  equipment 
(CPE)-based  VPN  service,  it 
says  this  new  service  represents 
a  more  economical  VPN 
option.  “Users  can  save  up  to 
50%  compared  with  our  man¬ 
aged  CPE  VPN,”  says  Sherry 
Quinn,  product  manager  at 
Verio.  The  service  starts  at  $400 
per  month  per  128K  bit/sec 
dedicated  IP  connection. 

The  Global  IP  Security 
Gateway  service  is  less  expen¬ 
sive  because  the  ISP  does  not 
manage  customer  equipment 
or  the  tunnels  from  the  cus¬ 
tomer  site  to  the  edge  of  its 
network.  The  managed  CPE 
VPN  service  also  offers  users 
minute-to-minute  monitoring 
from  Verio’s  global  network 
operations  center,  Quinn  says. 
The  new  network-based  VPN 
does  not  offer  the  same  type  of 
monitoring. 

The  Global  IP  Security 
Gateway  service  does  not 
require  users  to  deploy  specific 
routers  at  their  sites.  Customers 
have  the  option  of  installing 
their  own  gear  and  establishing 
IPSec  tunnels  from  their  loca¬ 
tions  to  the  edge  of  Verio’s  net¬ 
work  for  an  additional  level  of 
security.  Verio  has  tested  several 
CPE  devices  that  support  IPSec 
encryption,  including  routers 
from  NetScreen  Technologies, 
Check  Pbint  Software,  Juniper 
Networks  and  Netopia. 

Verio  also  is  teaming  with 
international  local  providers 
around  the  globe,  including 
HKNet  in  Hong  Kong,  StarHub 
in  Singapore  and  NTT  Sing- 
apore.The  ISP  has  relationships 
with  14  service  providers  that 
will  resell  and  provision  Verio’s 
service  locally  for  customers 
overseas. 

Global  IP  Security  Gateway  is 
slated  for  availability  early  in  the 
third  quarter.  ■ 


And  the  in 


Meet  Benjamin.  Internet  Dependent 

Independent  Filmmaker. 

ind  cost-effective 
connectivity  environments. 


The  competitive  world  of  independent  filmmaking  isn’t 
for  the  fainthearted.  It’s  for  strong-willed  directors  such 
as  Benjamin,  who  seize  opportunity  with  an  iron  grip.  That’s 
why  he  found  a  way  to  work  with  his  production  partners 
quickly  and  efficiently  to  get  hiTfi^^  ca^and  out  to  the 
world.  With  the  help  of  the  Nortel  Networks™  Business 
Communications  Manager  (BCM),  Benjamin  implemented  an 
integrated  communications  system  that  lets  him  adopt 
IP-based  solutions  at  his  own  pace.  It  also  means  he  and 
his  highly  mobile  production  partners  have  instant  and 
secure  access  to  everything  from  location  photos  to  streaming 

video  of  his  latest  project. 


#1  market  share  for 

Plus,  the  consolidation  of  a 


Converged  IP  Solutions* 

communications  structure 
with  a  single,  easily  managed  system  saves  him  20%  of  the 
cost  of  buying  and  maintaining  separate  equipment.  Which 
means  he  saves  time  and  money  so  he  can  concentrate  on 
producing  the  kinds  of  films  that  just  may  have  him 
rehearsing  an  acceptance  speech.  It's  just  one  more  way 
Nortel  Networks  is  making  the  Internet  what  you  need  it  to  be. 
To  learn  more,  visit  nortelnetworks.com/connectivity. 
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Nortel  Networks,  the  Nortel  Networks  logo  and  the  Globemark  are  trademarks  of  Nortel  Networks. 
©2002  Nortel  Networks.  All  rights  reserved.  ‘IP-PBX  Q4  2001  market  share  report,  "InfoTrack  for 
Enterprise,"  published  by  InfoTech. 
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Microsoft  sketches  out  mgmt  platform 

Company  plan  short  on  details,  but  looks  to  manage  ‘services,’  not  components. 


Management  platform 


Microsoft’s  management  plan  is  still  early  in  the  development  stage  but  will  incorporate 
three  current  management  products. 


Product/Status 


System  Management 
Server  2003 

Beta  shipment  by  year-end 


Description 


Software  distribution  and  installation,  software  metering  and  remote¬ 
troubleshooting  tools  for  managing  Windows-based  servers,  desktop 
PCs  and  non-PC  mobile  clients. 


Microsoft  Operations 
Manager  2000 

Shipped  in  July  2001 


Performance  and  event  monitoring  of  Windows,  Active  Directory  and 
Internet  Information  Server  and,  through  plug-ins,  various  servers  such 
as  Exchange  and  SQL  Server. 


A  set  of  deployment,  monitoring  and  diagnostic  tools  for  managing 
clusters  of  Web  servers  and  Web-based  applications. 


■  BY  JOHN  FONTANA 

More  than  a  year  after  trum¬ 
peting  its  intent  to  create  a  man¬ 
agement  platform  for  its  family 
of  servers  and  clients,  Microsoft 
last  week  unveiled  a  plan  that 
was  long  on  vision  but  short  on 
deliverables. 

The  central  idea  is  to  move 
from  individual  products  for 
managing  network  compo¬ 
nents  and  instead  toward  man¬ 
aging  “services.”  For  example, 
Exchange  Server,  the  clients  it 
serves  and  the  network  it  runs 
over  would  be  defined  as  a  ser¬ 
vice  that  would  be  managed 
and  monitored  by  a  product  or 
suite  of  products. 

Network  executives  could  mix, 
match  and  reuse  products  to 
support  multiple  services  rele¬ 
vant  to  their  Windows  environ¬ 
ments,  an  approach  Microsoft 
touts  as  being  more  holistic  than 
what  is  possible  today 

Microsoft  also  plans  to  offer 
best-practice  guidelines  for 
implementations  and  configu¬ 
rations  that  will  be  built  into  its 
products  through  Wizard-driven 
mechanisms. 

“The  vision  is  clear  —  to 
achieve  dominance  in  the 
Windows  management  market,” 
says  Cameron  Haight,  research 
director  for  Gartner.  “But  the 
path  to  accomplishment  is  not 
so  clear.  Microsoft’s  offerings  to 
date  are  component-based  in 
that  they  focus  on  servers,  data¬ 
bases  or  applications.  They 
don’t  have  any  end-to-end 
performance-management  or 
capacity-planning  tools.” 

Regardless,  Haight  says  the 
game  is  Microsoft’s  to  lose,  and 
he  thinks  the  company  eventu¬ 
ally  will  be  the  dominant  ven¬ 
dor  in  the  Windows  manage- 


Application  Center  2000 

Shipped  in  February  2001 


ment  market,  ahead  of  BMC 
Software,  Computer  Associates, 
Hewlett-Packard  and  IBM/ 
Tivoli. 

The  market  last  year  for 
Windows  management  products 
topped  $2  billion  in 
revenue,  according  to 
Gartner.  By  2005,  that 
figure  is  expected  to 
exceed  $6  billion. 

“Microsoft  can’t  afford 
to  fail  if  for  no  other  rea¬ 
son  than  to  ensure  the 
success  of  Windows 
and  .Net,”  Haight  says. 

.Net  is  Microsoft’s  Web 
services  initiative. 

“Management  is 
core  to  .Net, without  it  .Net  can’t 
be  successful,”  says  David 
Hamilton,  director  of  the  man¬ 
agement  business  group  at 
Microsoft.  “This  [management 
vision]  is  a  shift,  but  we  like  to 
think  of  it  as  evolutionary.  We 
are  building  out  the  technology 
we  have  today” 

IT  executives  say  that,  despite 
this  initial  ambiguity,  they  want 
management  help  from 
Microsoft. 


“We  use  the  hell  out  of 
[System  Management  Server] 
today,  and  it  works  great  for  us,” 
says  Arch  Willingham,  vice  pres¬ 
ident  of  Parks  Construction  in 
Chattanooga,  Tenn. 


“I  want  to  look  in  the  long 
term  to  [Microsoft]  for  other 
management  help.  We  all  know 
the  real  costs  are  in  manage¬ 
ment  not  in  buying  the  hard¬ 
ware,”  he  says.  But  Willingham 
says  the  management  vision 
better  be  clearer  than  the  .Net 
vision,  which  he  says  is  nothing 
short  of  confusing. 

Uncertainty 

How  Microsoft  plans  to  fulfill 
this  management  plan  is 
uncertain  because  it  did  not 
announce  products  last  week. 
The  company  only  said  an 
undisclosed  number  are 
under  development  as  part  of 
two  in-house  initiatives  —  the 
Server  Manager  Project  and 
Client  Manager  Project. 

But  the  first  evidence  of  the 
new  strategy  will  show  up  this 
summer  when  Microsoft  calls 
on  its  systems  integration  part¬ 
ners  and  rolls  out  sets  of  doc¬ 
umentation  to  help  IT  execu¬ 
tives  apply  Microsoft’s  current 
products  to  the  new  managed 


service  vision. 

Current  products  include 
Microsoft  Operations  Manager 
(MOM),  System  Management 
Server  (SMS),  and  Application 
Center  2000  (see  graphic). 

Microsoft  will  build 
the  new  platform  on 
top  of  its  Windows 
operating  system, 
which  will  include 
support  for  stan¬ 
dards  that  let  man¬ 
agement  “modules” 
plug  into  the  plat¬ 
form.  SMS,  MOM  and 
Application  Center 
2000  are  the  current 
modules. 

The  management  hooks  in 
the  operating  system  will  be  the 
application-programming  inter¬ 
face  Windows  Management 
Instrumentation  (WMI),  XML 
and  the  Simple  Object  Access 
Protocol  (SOAP). 

WMI,  which  is  supported  in 
Windows  2000,  lets  developers 
create  management  applica¬ 
tions  that  plug  into  Windows. 

WMI  is  based  on  the  Web- 
Based  Enterprise  Management 
initiative,  which  uses  the  Com¬ 
mon  Information  Model  to 
describe  management  informa¬ 
tion.  XML  and  SOAP  will  pro¬ 
vide  a  standard  way  to  ex¬ 
change  data,  but  those  features 
likely  won’t  hit  their  stride  until 
the  Blackcomb  release  of 
Windows,  which  could  be  as 
late  as  2005. 

Beyond  that,  things  get  fuzzy 

“SMS,  MOM  and  Application 
Center  will  be  the  foundation  of 
the  products  we  develop,  but  we 
have  no  target  number  of  prod¬ 
ucts  we  will  produce,"  Micro¬ 
soft’s  Hamilton  says  ■ 


t«i  / 


Teleworker 

tantrums 

Remote  support  lines  ringing  off  the  hook?  Teleworkers 
—  and  their  tech  problems  —  need  special  handling.  Turn 
to  Net.Worker  for  tips  and  advice  to  get  the  job  done. 

Log  on  to  www.nwfusion.com/net.worker/ 


www.n  "fusion. com/net. worker/ 
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APC's  award-winning  technology  and 
industry  leadership  continues  to  set 
the  standard  in  power  protection 
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array  of  products  —  from 
surge  suppressors,  UPSs, 
cables  and  racks,  to  3-phase 
UPSs  and  DC  power  systems 
—  are  why  industry 
leaders  like  BridgePoint 
place  their  power  avail¬ 
ability  needs  in  the 

If 

capable  hands  of  APC. 


"BridgePoint  International  Inc.  is 
a  leader  in  the  area  of  colocation 
centers.  Our  company  provides 
telehousing  centers  for  equip¬ 
ment  and  value-added  network 
services.  Our  clients  include 
Internet  Service  Providers, 
telecommunications  service 
providers  and  technology  com¬ 
panies  who  wish  to  leverage 
the  power  of  information  rich, 
high-speed  telecommunications 
networks.  In  order  to  provide  our 
customers  with  maximum  security  and 
protection,  we  invest  in  a  system  infra¬ 
structure  that  is  'bulletproof'  and 
always  available. 


Basic  Requirement  Reliable  Power 

"We  approached  Symetrix,  an  APC 
Power  Specialist  in  the  Montreal, 
Quebec  area.  When  building  the 
colocation  centers,  redundancy, 
scalability  and  zero  downtime 
were  our  main  requirements. 


High  Availability  with  Low 
Implementation  Costs 

"We  initially  installed  APC's  SymmetraP 
Power  Arrafs  at  each  site.  We  equipped 
each  Symmetra  with  the  APC  accessories 
needed  for  remote  monitoring  of  alarms 
and  environmental  conditions.  The 
potential  savings  in  future  service 
costs,  due  to  Symmetra's 
user-serviceability,  really 
interested  us. 


"Once  the  colocation  rooms  had  been  established, 
we  needed  to  ensure  that  our  telecommunications 
service  would  be  available  at  all  times.  Only  a 
state-of-the-art  UPS  system  could  provide  us  with 
the  security  and  peace  of  mind  we  require.  APC's 
Silcorf  3-phase  UPS  solution  was  the  perfect  answer 
for  our  application. 

HVAC  and  DC  Add  Peace  of  Mind 

"We  have  recently  installed  APC's  new  DC  power 
plant  and  NetworkAIR  air  conditioning  solutions 
into  our  sites.  APC  was  able  to  provide  us  with 
a  complete,  end-to-end  solution,  saving  us  time 
and  money. 


BridgePoint 

INTERNATIONAL 


Marcel  Matteau,  Vice  President 

Engineering  &  Operations 
Colocation  Services 
BridgePoint  International,  Inc. 


Let  APC's  Legendary  Reliability  “  work  for 
you  as  it  has  for  over  10  million  customers, 
worldwide.  Whether  you're  an  ISP,  ASP,  or 
colocation  provider  like  BridgePoint,  APC 
provides  high  availability  solutions  for  your 
power  protection  needs.  Contact  APC  today! 


Legendary  Reliability J 


APC  is  a  proud  sponsor  of  the  Colocation  & 
Hosting  Association  and  a  member  of 
the  Internet  Service  Providers'  Consortium 


APC's  customer  service  is  the  way  customer  service 
is  supposed  to  be:  fast,  personal  and  efficient.  It 
is  the  same  way  we  treat  our  own  customers.  We 
consider  APC  a  valuable  member  of  our  team  and 
a  critical  factor  in  our  continued  success. " 


DC  Power  Systems  design/installation 


DC  rectifiers  and  power  shelves  with 
advanced  efficiency,  power  density 
and  temperature  range  performance 


"Our  customers  feel  good 
about  the  fact  that  we  use  APC." 
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Newsman’s  start-up 
eyes  multimedia  nets 


■  BY  JENNIFER  MEARS 

SAN  FRANCISCO  —  MSNBC 
news  anchor  and  producer  For¬ 
rest  Sawyer  saw  a  problem:  De¬ 
spite  recognizing  the  value  of 
using  digital  media,  businesses 
were  finding  the  costs  associated 
with  creating  and  managing 
audio  and  video  content  were 
just  too  high. 

So  Sawyer,  along  with  broad¬ 
cast  and  technology  veterans, 
assembled  a  company  aimed  at 
simplifying  the  task  of  hosting, 
delivering  and  tracking  multime¬ 
dia  files.  The  company,  Sawyer 
Media, launches  this  week  with  a 
hosted  offering  that  includes 
professional  services  and  next 
year  plans  to  license  its  software 
to  companies  to  run  on  their 
own  networks. 


The  hosted  offering  involves 
software  housed  at  Sawyer  Me¬ 
dia’s  data  center  in  San  Francisco 
that  users  can  reach  via  the  Web, 
says  Chris  Young,  who  co-founded 
the  company  with  Sawyer  and 
serves  as  a  vice  president  and 
group  manager  of  corporate 
development.  Sawyer  Media  can 
hook  into  existing  digital  media 
management  systems,  although 
content  also  can  be  hosted  at  its 
data  center  if  a  company  prefers. 

Handspring  last  fall  became  an 
early  Sawyer  Media  client  when 
it  included  on-demand  video  of 
Jeff  Hawkins,  Handspring’s  co¬ 
founder  and  the  inventor  of  the 
Palm  Pilot,  on  its  Web  site  when  it 
launched  itsTreo  Communicator 


PDA. 

Handspring  created  its  video 
and  Sawyer  Media  converted  it 
into  formats  accessible  to  a  range 
of  different  media  players. Sawyer 
Media  hosted  the  video  with  its 
content  delivery  network  service 
provider  partner  Speedera  Net¬ 
works  and  enabled  Handspring 
to  track  the  performance  and  use 
of  the  video. 

“I’m  concerned  about  infra¬ 
structure  and  reliability  and  mak¬ 
ing  sure  we  could  serve  this  and 
get  the  conversions  done  on  time 
to  fit  the  schedule,”  says  Glenn 
Noga,  vice  president  of  IT  and 
CIO  at  Handspring.  “They  came 
back  and  said  we’ll  turn  it  around 
in  48  hours,  we’ll  have  the  infra¬ 
structure  in  place  so  you’ll  be 
able  to  test. . .  .And  they  were  very 
cost-effective.” 

Gartner  predicts  that  by  2006, 
80%  of  multinational  corpora¬ 
tions  will  use  applications  that  re¬ 
quire  live  video  and  video  on 
demand  to  the  desktop.  “We  see 
video  over  IP  happening  in  most 
enterprises  before  voice  over  IP,” 
says  Lawrence  Orans,  a  senior 
analyst  at  Gartner. 

The  stumbling  block  to  broader, 
rich  media  adoption,  Sawyer 
Media  executives  say,  is  that  com¬ 
panies  are  just  starting  to  learn 
how  to  manipulate  the  medium. 

Sawyer  Media’s  Enterprise 
Media  Network  costs  from 
$10,000  to  $100,000  per  month.  ■ 


■  SAWYER  MEDIA 


Forrest 

Sawyer 


Location:  San  Francisco 


Founded:  In  2000  by  veteran  news  anchor  Forrest  Sawyer  and 
Chris  Young,  who  consulted  for  Scient  and  was  co-founder  of 
Internet  retailer  Miadora. 


Product/service:  A  hosted  software  platform  to  distribute 
and  manage  rich  media  as  well  as  production  expertise  to  help 
businesses  create  media  projects. 


Finances:  $11  million  in  funding  from  individual  investors  and 
venture  capital  firm  Sequoia  Capital. 


Employees:  30 


Competitors:  Internal  IT  departments,  IBM  with  its  Digital 
Media  Factory 


SAML  gains  steam 


■  BY  JOHN  FONTANA 

An  XML  protocol  that  appears 
on  its  way  to  becoming  a  key 
building  block  for  standards- 
based  security  picked  up  mo¬ 
mentum  last  week  as  vendors 
introduced  products  and  vowed 
to  provide  free  access  to  their 
patents  to  advance  the  cause. 

The  efforts  are  in  support  of 
the  Security  Assertions  Markup 
Language  (SAML),  a  framework 
for  exchanging  authentication 
and  authorization  credentials 
over  the  Web,  which  promises  to 
give  IT  executives  a  way  to  tie 
together  disparate  security  sys¬ 
tems  internally  and  with  busi¬ 
ness  partners. 

Last  week,  RSA  Security  an¬ 
nounced  that  it  would  offer  royal¬ 
ty-free  use  of  two  patents  it  owns 
that  are  similar  to  how  SAML 
functions,  therefore  quashing 
concerns  that  the  patents  may 
hamper  the  acceptance  of  SAML. 

Also,  Quadrasis.a  business  unit 
of  Hitachi,  introduced  a  develop¬ 
er  tool  for  building  SAML  sup¬ 
port  into  connectors  that  work 
with  its  Security  Unifier.  The 
product  is  similar  to  enterprise 
application  integration  software 
in  that  it  provides  a  routing  and 
transformation  hub  and  a  set  of 
connectors  that  allow  disparate 
security  systems  such  as  authen¬ 
tication  systems,  single  sign-on 
software  and  encryption  prod¬ 
ucts  to  work  together. 

Security  Unifier  runs  on  Solaris 
and  Windows  NT/2000.  The  base 
configuration  costs  $100,000. 

“It  is  still  early  in  the  develop¬ 


ment  of  SAML,"  says  Randy  Heff¬ 
ner,  a  vice  president  at  Giga  In¬ 
formation  Group.  “But  support  is 
on  the  move.  We  have  more  and 
more  vendors  supporting  SAML 
and  that  adds  weight  to  the 
effort.” 

SAML  is  gaining  steam  as  it 
moves  through  the  standards 
track  at  the  Organization  for  the 
Advancement  of  Structured  In¬ 
formation  Standards.  Ratification 
is  expected  in  June.  Experts  say 
SAML  will  make  it  easier  for  users 
to  cross  security  boundaries, 
especially  those  between  compa¬ 
nies  that  have  established  trust 
relationships.  Combined  with 
another  emerging  standard  for 
digital  signatures  called  XML 
Signatures,  companies  can  ex¬ 
change  signed  SAML  assertions 
that  confirm  a  particular  user  is 
authenticated  and  authorized  to 
access  certain  network  services. 

RSA,  which  is  building  SAML 
into  its  Web  Access  Management 
product  called  ClearTrust,  is  offer¬ 
ing  royalty-free  access  to  U.S. 
patents  that  cover  one  type  of 
SAML  assertion  called  Browser/ 
Post  Profile,  which  basically  deliv¬ 
ers  a  digitally  signed  SAML  asser¬ 
tion  through  an  HTML  form 
stored  on  a  browser.  Most  vendors 
today  however,  are  implementing 
a  simpler  type  of  SAML  assertion 
called  Browser/ Artifact  Profile.* 


Security 

Subscribe  to  our  free  newsletter. 
DocFinder.  5434  www.nwfUsion.com 


Analyze  Assure  Accelerate 


Communications 


N+l  Las  Vegas  made  show  history  by  implementing  wireless  security,  IP 
storage,  and  MPLS  technologies  in  iLabs.  In  addition,  N+I’s  eNet  provided 
connectivity  to  8,000  exhibitor  nodes  in  a  matter  of  days.  How  did  they 
do  that?  The  answer  is  talented  people,  a  lot  of  hard  work,  and 
leading-edge  tools  from  Spirent.  For  details  on 
how  N+l  was  “Tested  by  Spirent,” 

logonto:  lAAAfiAi  cnironfrom  rnm/nJui 


That  s  why  God 
made  test  labs. 


Everybody  looks  good  on  paper.  Want  to  know  what’s  really  going  to 
perform  in  your  environment?  Use  your  test  lab.  For  eval  copies  of  our  products, 
visit  our  Web  site  or  call  toll-free.  Then  check  out  www.aelita.com/testlab  for  a 
free  guide  you  can  use  to  conduct  a  competitive  evaluation  in  your  lab. 


MIGRATION  ADMINISTRATION  SECURITY  |  RECOVERY 


www.aelita.com 

800-263-0036 


Real  performance  for 
the  real  worldr 


TREND 

MICRO 


Information  is  elusive.  It  changes  every  moment  of  every  day.  Information 
security  requires  the  ability  to  control  and  adapt  to  any  situation.  Threats  to 
information  rely  on  old  technologies  that  have  remained  stagnant  long 
enough  to  be  sidestepped.  Often,  packaged  security  solutions  are  obsolete 
before  they  are  even  applied. 
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PRODUCTS 


TREND  MICRO 
CONTROL  MANAGER 


may  guard  information, 

but  it  is  intelligence  that  makes  it  secure. 

Intelligence  comes  from  the  ability  to  learn.  But  it  is  intuition  —  the  application  of  knowledge 
based  on  experiences,  patterns  and  trends  —  that  allows  intelligent  strategies  to  be  formed 
quickly.  Intuitive  Information  Security  uses  innovative  technology  to  deliver  and  adapt  security 
strategies  to  the  enterprise. 


This  is  the  idea  behind  go-red.  It  is  the  cumulative  intelligence  of  hundreds,  deployed  by 
adaptive  technology  throughout  the  enterprise.  Right  down  to  the  individual  user,  automatically, 
and  in  real  time. 

To  understand  how  this  may  work,  consider  a  virus  outbreak.  Every  Trend  Micro  Intuitive 
Information  Security  strategy  begins  with  TrendLabs.  Made  up  of  over  400  virus  experts  around 
the  world,  their  collective  intelligence  is  used  to  identify  viruses,  quickly  develop  isolation  strate¬ 
gies  and  deploy  them  to  the  Control  Manager  software  installed  at  the  enterprise.  Control 
Manager's  technology  then  allows  a  set  of  policies  to  be  automatically  executed  by  any  number 
of  go-red  information  security  products  across  the  network.  The  result  is  a  rapid  and  effective 
quarantine  strategy. 

During  this  time,  TrendLabs  works  to  break  the  code  of  the  virus  and  establish  a  new  strategy 
designed  to  eradicate  the  quarantined  virus.  Once  this  is  accomplished,  the  strategy  is  again  de¬ 
ployed  via  Control  Manager,  effectively  cleaning  the  entire  enterprise  of  any  threat  to  its  information. 

Information  will  continue  to  change  at  a  pace  that  packaged  solutions  cannot  match.  And  although 
technology  will  continue  to  evolve,  it  is  intelligence  and  intuition  that  will  keep  information  secure. 
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SonicWall  VPN  box  protects  remote  users 


■  BY  TIM  GREENE 

SUNNYVALE,  CALIF  —  SonicWall  this 
week  will  introduce  a  box  for  telecom¬ 


muters  that  isolates  corporate  VPN  con¬ 
nections  from  other  traffic  being  gener¬ 
ated  by  family  members  who  share 
home  Internet  access. 


SonicWall’s  Tele3  Trusted  Zone,  which 
makes  its  debut  at  NetWorld+Interop 
2002  in  Las  Vegas,  has  a  physical  port 
labeled  WorkPort  and  another  labeled 


Radware's  security  application  switch  provides  high  availability 
and  optimization  for  firewalls,  VPNs  and  IDS  devices. 

Prevent  DoS  attacks  while  maintaining  high  throughput  on 
your  network  and  thwart  more  than  450  attack  signatures 
with  Radware’s  Application  Security  module  and  DoS  Shield. 


Protect  your  network's  critical  security  resources  with 
FireProof,  ensuring  that  firewalls,  VPNs  and  IDS  devices  are 
always  available,  optimized  and  secure. 


Choose  FireProof  for  intelligent  security  traffic  management. 


L 


www.radware.com  I  info@radware.com 


radware  get  certain 


HomePort.so  users  can  limit  VPN  access 
to  one  machine  and  designate  by  port 
which  home  devices  get  priority  to  use 
the  common  Internet  link.  In  addition, 
firewall  rules  can  limit  traffic  between 
the  VPN-connected  machine  and  the  rest 
of  the  home  network. 

SonicWall  is  the  only  VPN  appliance 
vendor  to  offer  such  a  port  on  its 
telecommuter  gear,  according  to  Jason 
Wright,  industry  analyst/program  leader 
of  security  technologies  at  Frost  & 
Sullivan.  He  says  the  price  of  the  device, 
around  $550,  is  roughly  what  competi¬ 
tors  Enterasys  Networks,  NetScreen 
Technologies  and  Cisco  charge  for  simi¬ 
larly  sized  boxes. 


NETWPRLD 
+  INTEROP 


SonicWall’s  earlier  Tele3  devices  had 
only  one  port  to  the  home  LAN  and 
another  to  the  Internet.  So  any  devices 
connected  to  the  home  LAN  had  equal 
access  to  the  Internet. This  new  configu¬ 
ration  allows  for  three  security  zones, 
and  users  can  create  policies  for  how 
and  whether  traffic  is  allowed  to  flow 
among  them. 

A  user  could  block  all  traffic  between 
home  machines  and  the  work  computer, 
or  allow  specific,  limited  file  sharing 
between  them. The  firewall  could  shield 
work  PCs  by  blocking  traffic  from  home 
wireless  networks  that  might  be  com¬ 
promised  by  “drive-by”  hackers.  It  also 
could  protect  the  work  machine  from 
attacks  launched  from  infected  family 
machines. 

Each  zone  would  have  separate 
antivirus  and  content  filtering,  capabili¬ 
ties  also  available  with  earlier  Tele3  de¬ 
vices.  SonicWall,  however,  is  introducing 
new  technology  for  blocking  attach¬ 
ments  by  extension.  An  upcoming  ver¬ 
sion  of  SonicWall’s  Global  Management 
System  will  support  Tele3  TrustedZone. 

In  addition,  SonicWall  has  added  fea¬ 
tures  to  its  integrated  firewall  to  priori¬ 
tize  traffic  based  on  source  and  destina¬ 
tion  addresses,  and  limit  bandwidth  to 
other  traffic.  The  device  could  be  set  to 
ensure,  for  example,  that  VPN  traffic 
would  get  priority  over  Internet  gaming. 

A  new  version  of  SonicWall’s  Global 
Management  System  supports  user-level 
authentication  for  telecommuter  devices 
by  timing-out  sessions  if  VPN  tunnels  are 
unused  for  a  preset  period. This  prevents 
users  from  logging  on  to  the  VPN  and 
leaving  the  machine  unattended,  allow¬ 
ing  the  potential  that  an  unauthorized 
person  could  access  the  VPN.  After  a  ses¬ 
sion  times  out,  users  have  to  log  on  again 
to  access  VPN  resources. 

SonicWall:  www.sonicwall.com 


With  Avaya,  you’re  already  this  close  to  IP  Telephony. 


In  fact,  you  can  use  what's  in  your  own  network.  Now  Avaya,  the  leader  in  voice  solutions, 
has  extended  IP  Telephony  to  an  open  architecture.  So  our  feature-rich  MultiVantagem 
Software  can  work  with  your  existing  investment,  allowing  you  to  have  Enterprise  Class  IP 
Solutions  anywhere  in  your  network.  That  means  you  get  gentle  migration  and  flexible 
deployment  from  the  core  to  the  edge,  or  the  other  way  around.  Learn  how  a  network 
assessment  can  help  you  discover  how  close  you  are  to  IP  Telephony.  Visit  avaya.com/yes 


AVAVA 


COMMUNICATION  WITHOUT  BOUNDARIES 


You're  an  IT  professional,  not  the  Internet  police. 

Give  the  cop  routine  a  rest.  Manage,  don't  just  monitor  corporate  Internet  activity  with  Websense  Enterprise  Web  filtering 
software.  No  more  watching  over  shoulders  or  online  patrolling.  Websense  puts  the  highest  quality,  leak-free  database  to  work 
for  you.  It's  more  accurate,  reliable  and  comprehensive  with  automated  daily  updates,  including  more  than  5,000  site  additions 
per  day.  That's  why  more  than  half  the  Fortune  500  trust  Websense  to  manage  employee  online  activity.  You  can  too. 
Get  Websense.  And  save  your  badge  for  when  you  really  need  it. 


Stop  by  www.websense.com  today  for  your  free,  fully  functional  30-day  trial. 


EMPLOYEE  INTERNET  MANAGEMENT 

NASDAQ:  WBSN 
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Systems  Management 

□  3.  D  LAN  Management 


PS  PS 

□  4.  □  DataconVTelecom  Management  D7.  □  Corporate  Management 

□  5.  □  Intemet/lntranet/Wel/  (CEO,  COO,  CFO,  Pres.,  VP, 

E-Commerce  Management  Dir..  Mgr.) 

□  6.  □  Engineering  Management  □  8.  □  Consultant  (Independent) 

□  9.  □  Other  (please  specify) 


What  is  the  estimated  value  of  network  equipment  and  services  that  you  specify, 
recommend,  or  approve  the  purchase  Of?  (Please  print  the  appropriate  number  code  on 

the  line  next  to  each  product  category.  Please  complete  ALL  categories  A-0.) 


$100  Million  or  more 
$50  Million  to  $99.9  Million 
$25  Million  to  $49.9  Million 
$10  Million  to  $24.9  Million 
$1  Million  to  $9.9  Million 
$100,000  to  $999,999 
$50,000  to  $99,999 
Under  $50,000 
None  of  the  above 


.  Large  Systems 
(Mainframes/Minis) 

_  Desktops 

( Micros/Laptops/  Workstations) 
.  Mobile 

(including  PDAs,  Wireless) 

.  Servers 
_  UN's 

.  WAN  Equipment 
.  Carrier  Services 


.  lntemet/Web/E-commerce 
.  Intranet/Extranet 
.  Internetworking 
(including  Routers,  Switches) 
_  Storage 
.  Remote  Access 
_  Peripherals 
.  Software 

.  Service/Support  Services 


yBwhat  is  the  total  number  ot  sites  tor  which  you  have  purchase  inlluence? 

(check  ONE  only) 

i.  moo 


ID  100+  2.  050  to  99  3.  □  20  to  49  4.  D10  to  19  5.  □  2  to  9  6.  □  1  7.  □  None 


Subscription  Application 


Please  indicate  the  Web/Security/LAN/lntemetworking/Wireless/Mobile/WAN  Equipment/ 
Carrier  Services  that  you  are  currently  involved  in  purchasing  or  plan  to  purchase 

(check  ALL  that  apply)  A.  Currently  involved  in  purchasing  B.  Plan  to  purchase 


□  01.D  Web  Servers/Software 

□  02.  □  Web  Traffic  Management 

□  03.  □  Electronic  Commerce  Tools 


SECURITY  . 
A  B 


A  B 

□  04.  □  Web  Development  Tools 

□  05.  □  Web  Content  Management 

□  06.  □  Web  Collaboration/ 

Groupware 


□  07.  □  Web  Acceleration/Caching/ 

Load  Balancing 

□  08.  □  Web  Hosting  Services 

□  09.  □  Other 


□  10.  □  Firewalls 

□  11.0  Anti-Virus  Software 

□  12.  □  Private  Key  Encryption  Tools 

LANsitNTERNETWORKING _ 

A  B 

□  19.  □  Fast  Ethernet 

□  20.  □  Gigabit  Ethernet 

□  21.  □  Layer  3-7  Switches 

□  22.  □  ATM  Switches 

□  23.  □  Routers 

□  24.  □  Network  Attached  Storage 

(NAS) 

□  25.  □  Storage  Area  Networks  (SANs) 

WIRELESS/MOBILE  - 

A  B 


□  13.  □  DES  Encryption  Tools 

□  14.  □  Authentication  Tools 

□  15.  □  Intrusion  Detection 


□  16.  □  Certificate  Authorities 

□  17.  □  Biometrics 

□  18.  □  Other 


□  26.  □  Storage  Backup 

(Optical,  Disk,  Tape,  RAID) 

□  27.  □  Network  Test/Diagnostic 

Tools 

□  28.  □  Uninterruptable  Power 

Supplies  (UPS) 

□  29.  □  Network  Interface  Cards 

(NICs,  PCMCIA) 


□  30.  □  Hubs/Intelligent  Hubs/ 

Stackable  Hubs 

□  31.  □  Cables, Connectors,  Baiuns 

□  32.  □  WiringFiber  Systems 

□  33.  □  Net  Management  Systems 

□  34.  □  Voice  Over  IP  (VoIP)  Tools 

□  35.  □  Network  Analyzers 

□  36.  □  Other  Local-Area  Network/ 

Internetworking 


□  37.  □  Wireless  LANS 

□  38.  □  Wireless/Cell  Phones 

WAN  EQUIPMENT - 

A  B 

□  43.  □  Frame  Relay  Equipment 

□  44.  □  Bandwidth  Managers 

□  45.  □  Bandwidth  Shaping/QOS 

Tools 

□  46.  □  VPN  Equipment 

□  47.  □  ATM  Switches 


CARRIER  SERVICES  . 
A  B 


A  B  A  B 

□  39.  □  Wireless  LAN  Extension  Tools  □  41.  □  PDAs 

□  40.  □  Mobile  Data  □  42.  □  Other  Remote/Wireless 

Equipment/Services 


□  48.  □  Voice/Video  over  IP 

Gateways 

□  49.  □  Modems 

□  50.  □  Cable  Modems 

□  51.  □  xDSL  Products 

□  52.  □  Diagnostic/Test  Equipment 


□  53.0  DSUs/CSUs 

□  54.0  PBXs 

□  55.  □  Call  Center  Tools 

□  56.  □  Videoconferencing  Gear 

□  57.  □  ISDN  Equipment/Services 

□  58.  □  Other  WAN 

Equipment/Services 


□  59.  □  Internet  Access 

□  60.  □  Private  Lines 

□  61.0  Frame  Relay  Services 

□  62.  □  ADS1/DSL 

□  63.  □  T-l/T-3  Services 


□  64.  □  ATM  Services 

□  65.  □  Managed  Services 

□  66.  □  VPN  Services 

□  67.  □  LAN-Extension  Services 

□  68.  □  OC-3/OC-12 


□  69.  □  Wavelength  Services 

□  70.  □  Dark  Fiber 

□  71.  □  Other  Carrier  Services 

A  B 

None  of  the  above  (1  -71)  □  72.  □ 


Please  indicate  the  Systems/Peripherals/Software/Applications/Business  Services 
that  you  are  currently  involved  in  purchasing  or  plan  to  purchase:  (check  all  that  apply) 

A.  Currently  involved  in  purchasing  B.  Plan  to  purchase 


SYSTEMSiPERIPHERALS  - 

A  B 

□  01.  □  Laptops/Notebooks 

□  02.  □  Desktops 

□  03.  □  Intel-Based  Servers 

□  04.  □  Rise-Based  Servers 

□  05.  □  Print  Servers 

SOFTWARE/APPLICATIONS  _ 

A  B 

□  14.  □  Desktop/ServerOperating 

Systems 

□  15.  □  Network  Management 

□  16.  □  Systems  Management 

□  17.  □  Directory  Services 

□  18.  □  E-Mail 

□  19.  □  Groupware 


□  06.  □  Fax  Servers 

□  07.  □  Remote  Access  Servers 

□  08.  □  Video  Servers 

□  09.  □  Mid-Range  Systems 

(including  workstations) 


□  10.  □  Mainframes 

□  11.  □  Printers 

□  12.  □  Enclosures/Racks/Fumiture 

□  13.  □  Other  Computers/ 

Peripherals 


□  20.  □  Database  Management 

Systems 

□  21.  □  Customer  Resource 

Management  (CRM) 

□  22.  □  Enterprise  Resource 

Planning  (ERP) 

□  23.  □  XML  Tools 

□  24.  □  Desktop  Videoconferencing 


BUSINESS  SERVICES - 

A  B 

□  32.  □  Application  Service 
Provider  Services 


□  25.  □  Middleware 

□  26.  □  Document  Management  Tools 

□  27.  □  Site  Metering  Tools 

□  28.  □  Software  Distribution  Tools 

□  29.  □  Data  Warehousing 

□  30.  □  Applications  Development 

Tools 

□  31.0  Other  Software/Applications 


A  B  A  B 

□  33.  □  Systems  Integration/  □  35.  □  Other  Services 

Consulting  A  B 

□  34.  □  Education/Training  Services  None  of  the  above  (1  -  35)  □  36.  □ 


■  r!v  Please  indicate  the  platforms  that  are  currently  installed/planned:  (check  all  that  apply) 

A.  Currently  installed  B.  Planned  for  purchase 

A  B 

□  OLD  TCP/IP v4 

□  02.  □  TCP/IP  v6 

A  B 

□  03.  □  SNA/APPC/APPN/LU6.2 

□  04.  □  Novell  IPX/SPX 

A  B 

□  05.  □  NETBIOS/NETBUEI 

□  06.  □  NFS 

□  07.  □  Other  Network  Protocols 

A  B 

□  08.  □  Gigabit  Ethernet 

□  09.  □  Switched  Ethernet 

□  10.  □  Fast  Ethernet 

□  ll.D  Ethernet 

□  12.  □  ATM 

A  B 

□  13.  □  Token  Ring/Token  Ring 

Switching 

□  14.  □  Layer  3-7  Switching 

□  15.  □  FDDI 

□  16.  □  Fibre  Channel 

□  17.  □  Wireless  LANs 

A  B 

□  18.  □  DSL 

□  19.  □  ISDN 

□  20.  □  Frame  Relay 

□  21. □  Private  Line  Tl,  T3,  OC-3, 

OC-12 

□  22.  □  Other  LAN/WAN 

Environment 

A  B 

□  23.  □  Windows  2000 

□  24.  □  Windows  95/98 

□  25.  □  Windows  NT/Windows  2000 

□  26.  □  Novell  (NetWare  5.X,  4.X, 

3.X,  2JQ 

□  27.  □  UNUX 

A  B 

□  28.  □  Intel  based  UNIX 

□  29.  □  RISC  based  UNIX 

(incl.  SOLARIS) 

□  30.  □  IBM  MVS/VM/VSE/ESA 

□  31.  □  OS/400 

□  32.  □  Digital  VMS 

□  33.  □  Macintosh 

A  B 

□  34.  □  Palm  OS 

□  35.  □  Windows  CE 

□  36.  □  Other  Network  Operating 

System 

A  B 

None  of  the  above  (1-  36)  □  37.  □ 

Continued  on  next  page... 


Continued  from  page  one... 


What  is  the  total  number  of  Servers/Clients  installed/planned  at  your  location/in  your 
entire  organization?  (check  ONE  box  in  each  column) 


SERVERS  .  .  . 

At  Location  Entire  Org. 

A  B 

□  1.  50,000+  □ 

□  2.  10,000  to  49,999  □ 

□  3.  1,000  to  9,999  □ 

□  4.  100  to  999  □ 

□  5.  50  to  99  □ 

□  6.  10  to  49  □ 

□  7.  1  to  9  □ 

□  8.  none  □ 

CUENTS  .  ,  „ 

At  Location  Entire  Org. 

C  D 

□  1.  50,000+ 

□  2.  10,000  to  49,999  □ 

□  3.  1,000  to  9,999  □ 

□  4.  100  to  999  □ 

□  5.  50  to  99 

□  6.  10  to  49 

□  7.  1  to  9  □ 

□  8.  none  0 

\M 

What  is  your  scope  and  involvement  in  purchasing  decisions  for  network  products 
and  services  for  your  enterprise? 

A.  Scope  (check  ONE  only) 

CORPORATE/ENTERPRISE: 

1 .  □  Entire  Enterprise/  3.0  Division/Multiple 

Multinle  Enterprises  Divisions 

2. D  Multinational  4.D  Department 

Enterprise  5.0  None 

B.  Involvement  (check  ALL  that  apply) 

LID  Create  Network/IT  4.G  Evaluate 

Strategy  Products/Services 

2.0  Recommend/Specify  5.G  Determine  the  Need 

Brand  6.D  None 

3.D  Approve  Purchase 

a 

What  is  the  estimated  number  of  employees  in  your  entire  organization/at  your 

location?  (check  ONE  in  each  section) 

A.  Entire  organization: 

1.  □  Over  20,000  5.  □  1,000  -  2,499 

2.  □  10,000-  19,999  6.  □  500  -  999 

3.  D  5,000  -  9,999  7.  □  499  or  less 

4.  □  2,500  -  4,999 

B.  At  your  location: 

1.  □  Over  20,000  6.  □  500  -  999 

2.  □  10,000-  19,999  7.  □  250-499 

3.  □  5,000  -  9,999  8.  □  100  -  249 

4.  □  2300  -  4,999  9.  □  99  or  less 

5.  □  1,000  -  2,499 

II. 

Which  of  the  following  hardware  platforms  are  installed/planned  in  your  company? 

(check  ALL  that  apply) 

A  -  Servers  B  -  Workstations/Desktops/Laptops 

1.  □  IBM  (Mainframes)  *j.  □  Unisys  \  □  $un  Microsystems  5.  □  Dell 

2.  □  IBM  RS/6000  $■  □  H-P  2.  □  H-P  6.  □  Gateway 

3.  □  IBM  AS/400  '•  U  Other  3  q  CompacyDigital  7.  □  Fujitsu 

4.  □  Compaq/Digital/  4,  □  IBM  8.  □  Other 

Tandem 

12. 

What  is  the  estimated  gross  revenue  of  your  entire  company/institution? 

(check  ONE  only)  | 

1.  □  $20  Billion  or  More  5.  □  $100  Million  to  $499.9  MiUion  9.  □  $4.9  Million  or  Less 

2.  □  $10  Billion  to  $19,9  Billion  6.  □  $50  Million  to  $99.9  Million  10D  None  of  the  above 

3.  □  $1  Billion  to  $9.9  Billion  7.  □  $10  Million  to  $49.9  Million 

4.  □  $500  Million  to  $999.9  Million  8.  □  $5  Million  to  $9.9  Million 

For  faster  service,  subscribe  online  at: 

http://www.nwwsubscribe.com/b502 


For  which  areas  outside  of  the  U.S.A.  do  you  have  purchase  influence? 

(check  ALL  that  apply) 


1.  □  Europe 

2.  □  Asia 


□  South  America 

□  Australia 


□  Middle  East 

□  Africa 


7.  G  Canada 

8.  0  None 


SIGN  UP  and  Start  Immediately  Receiving  our 
FREE  Weekly  e-Newsletter  This  Week  on  NWFusion 
and  easily  stay  current  on  today’s  networking  challenges! 


YES!  Start  my  subscription  immediately. 


My  e-mail  address  is: 


Your  colleagues  may  also  qualify  for  a  FREE  subscription! 

Please  list  below  names,  job  functions,  e-mail  addresses  and  phone  numbers  of  other  individuals  at  your  location  who  might  also  benefit  from  a  FREE  subscription  to  |\|BtW0rkW0f1(j 

name 

NAME 

JOB  FUNCTION 

JOB  FUNCTION 

E-MAIL  ADDRESS 

E-MAIL  ADDRESS 

PHONE  NUMBER 

PHONE  NUMBER 

"  NAME 

■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■■ 
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JOB  FUNCTION 

JOB  FUNCTION 

E-MAIL  ADDRESS 

E-MAIL  ADDRESS 

PHONE  NUMBER 

PHONE  NUMBER 
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■  TCP/IP,  LAN/WAN  SWITCHES 
B  ROUTERS  B  HUBS 
a  ACCESS  DEVICES  a  CLIENTS 
a  SERVERS  a  OPERATING  SYSTEMS 
a  VPNS  a  NETWORKED  STORAGE 


■  IBM  recently  shed  light  on  future 
generations  of  its  high-end  server 
chips,  saying  it  expects  to  stretch 
the  chips  down  to  the  low  end  of  its 
server  family.  The  company  says  it 
will  build  on  its  current  Power4 
architecture  in  the  coming  years 
with  the  release  of  speedier  and 
more  complex  Power5  and 
Power6  chips  due  out  in  2004  and 
2006.  With  the  arrival  of  Power5, 
users  should  find  a  chip  that  runs  at 
close  to  2  GHz  and  is  equipped  with 
two  key  technologies:  Fast  Path, 
which  lets  some  basic  functions 
associated  with  network  traffic  be 
handled  by  the  chip  instead  of  rely¬ 
ing  on  software  to  complete  the 
tasks;  and  simultaneous  multi¬ 
threading,  which  makes  a  single 
processor  appear  as  if  it  were  two 
processors  to  the  software  it  is 
running.  IBM  also  plans  to  add  vari¬ 
ous  forms  of  its  eLiza  technology 
for  predicting  and  fixing  hardware 
errors.  The  Power5  chip  will  contain 
several  error-checking  tools  that 
can  help  the  chip  recover  from  a 
problem  on  the  fly  and  force  the 
chip  to  redo  operations  if  a  problem 
is  detected,  IBM  says.  At  some 
point,  IBM  expects  the  Power  chips 
to  make  their  way  into  compact 
blade  servers,  www.ibm.com 

■  Quantum  last  week  beefed  up 
its  networked  storage  line  with  the 
announcement  of  a  new  Linux- 
based  network-attached  storage 
appliance  targeted  at  small  and 
midsize  businesses.  Guardian 
14000  will  run  on  a  tweaked  version 
of  Red  Hat's  Linux  operating  sys¬ 
tem  and  can  be  used  as  storage  for 
servers  running  Linux,  Windows, 
Unix  and  Macintosh  operating  sys¬ 
tems.  Quantum  will  start  shipping 
the  Guardian  14000  to  all  customers 
by  midyear  with  a  price  tag  of 
$24,900  for  1.4  terabytes  of  storage 
capacity  in  a  rack-mounted  appli¬ 
ance  that  is  3U  (5.25  inches)  high. 
The  new  product  expands  Quan¬ 
tum's  NAS  line  beyond  its  lower-end 
Snap  Server  appliances. 
www.quantum.com 


1 0G  Ethernet  set  to  star  at  N+l 


■  BY  PHIL  HOCHMUTH 

LAS  VEGAS  —  While  the  road  to  devel¬ 
oping  the  10  Gigabit  Ethernet  standard  has 
been  difficult,  proponents  hope  the  largest 
10G  Ethernet  test  net¬ 
work,  which  will  be  on 
display  at  NetWorld-i- 
Interop  2002  Las  Vegas 
this  week,  will  go  a 
long  way  toward  dis¬ 
pelling  any  fractious 
issues. 

The  10  Gigabit  Ethernet  Alliance  (10GEA) 
will  sponsor  the  network,  which  will  consist 
of  19  nodes  from  23  different  switch,  test 
equipment  and  other  product  vendors.  It 
will  be  an  end-to-end  10G  Ethernet  net¬ 
work, spanning  over  105  miles  of  fiber. 

Vendors  of  10G  Ethernet  switches  that 
will  have  products  in  the  demonstration 
include  Cisco,  Enterasys  Networks,  Extreme 
Networks,  Foundry  Networks  and  Nortel. 
Also  on  hand  will  be  a  prototype  10G 
Ethernet  network  interface  card  (NIC) 
from  Intel,  running  in  a  Hewlett-Packard 
9000  Unix  server.  Four  of  the  seven  versions 
of  the  10G  Ethernet  Physical  Media  De¬ 
pendent  connections  also  will  be  included 
in  the  demo. 


“Any  doubts  as  to  whether  10  Gigabit 
Ethernet  products  are  [ready],  or  if  prod¬ 
ucts  from  different  vendors  can  interoper¬ 
ate,  should  be  dispelled  by  this  demo,” says 
Mark  Fishburn,  chair  of  the  10GEA. 

While  10G 
Ethernet  propo¬ 
nents  are  confi¬ 
dent  about  the 
readiness  of  the 
technology,  the 
fact  remains  that 
the  Institute  of 
Electrical  and  Electronics  Engineers 
(IEEE)  has  yet  to  ratify  10G  Ethernet  as  a 
complete  standard.  While  the  original 
road  map  for  10G  had  standard  ratifica¬ 
tion  slated  for  March,  the  final  vote  was 
put  off  until  June  because  of  issues  con¬ 
cerning  the  readiness  of  optical  compo¬ 
nents  for  testing,  and  the  lack  of  consent 
among  IEEE  members  on  how  compo¬ 
nents  and  systems  should  be  tested.  While 
standard  crafters  say  the  802.3ae  draft  is 
final  in  terms  of  its  technical  specifica¬ 
tions  —  meaning  products  currently 
based  on  the  standard  are  not  likely  to 
change  —  the  testing  issue  could  delay 
the  official  ratification  of  10G  Ethernet  fur¬ 
ther  into  the  summer. 


High-speed  growth 

The  10  Gigabit  Ethernet  market 
will  take  off  in  a  few  years  as 
carriers  adopt  the  technology, 
and  business  customers  begin 
upgrading  their  backbones. 


10  Gigabit  Ethernet  revenue 


Part  of  the  complexity  of  completing  the 
10G  Ethernet  standard  was  in  the  com¬ 
plexity  of  the  optical  interfaces,  Fishburn 
says.  While  Fast  Ethernet  “stole”  interface 
designs  from  FDDI,  and  the  Gigabit 
Ethernet  standard  borrowed  from  Fiber 
Channel, “we  basically  had  to  invent  a  total¬ 
ly  new  kind  of  interface”  for  10G  Ethernet, 
Fishburn  says.“And  it  wasn’t  easy’ 

See  10G  Ethernet,  page  26 
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Cisco  fortifies  remote  branch  routers 


BY  PHIL  HOCHMUTH 


ings  for  the  ser¬ 
vice  provider 
edge.  Page  49. 


SAN  JOSE  —  Cisco  last  week  released  a 
crop  of  new  routers  aimed  at  boosting 
bandwidth.security  and  IP  telephony  sup¬ 
port  at  enterprise  branch  offices. 

Cisco’s  3700,  the  company’s  newest  high- 
end  access  router,  a  check  out  new 
combines  increased  Cisco  router  offer 
throughput,  advan¬ 
ced  application  qual¬ 
ity  of  service  (QoS) 
and  IP  telephony  support  for  large  branch 
offices,  the  company  says.  Upgrades  to  the 
Cisco  midtier  2600  access  router  line  also 
could  help  speed  VPN  encryption 
throughput  in  midsize  branch  offices 
while  new  small  office/home  office 
(SOHO)  routers  are  aimed  at  extending 
similar  features  to  teleworkers  and  small 
offices. 

Cisco’s  3725  and  3745  routers  are  two- 
and  three-slot  chassis  that  can  each  handle 


Cisco's  latest  2600  series  router 
promises  improved  VPN  and  QoS  support. 

up  to  three  internal  Advanced  Integration 
Modules  (AIM)  and  three  additional  WAN 
interface  card  (W1C)  modules  for  adding 
connections  such  as  analog  and  digital 
voice  support,  and  T-l  and  ATM  connec¬ 
tions.  Both  3700s  take  the  same  AIM,  WIC 
and  chassis  modules  as  the  2600  and  3600 
series  routers.The  3725  is  aimed  at  midsize 
and  large  branch  offices,  while  the  3745 
could  serve  as  a  WAN  box  at  a  large  branch 
or  a  corporate  headquarters. 

The  3700  series  also  comes  with  an 


available  36-port  10/100  Ethernet  switch 
module,  which  can  provide  in-line  power 
to  Cisco  IP  phones  and  Aironet  wireless 
LAN  access  points  over  Category  5 
cabling.  The  packaging  of  WAN,  LAN  and 
in-line  power  is  a  good  direction  for 
Cisco’s  router  products,  says  Robert 
Bussabarger,  network  engineer  for  the  city 
of  Bend,  Ore. 

“In-line  power  just  cleans  up  any  imple¬ 
mentation  of  IP  telephony  or  wireless 
LANs”  by  letting  phones  or  wireless  LAN 
endpoints  use  one  wire  for  network  con¬ 
nectivity  and  power,  he  says.  The  city  of 
Bend  uses  Cisco  2600  and  3500  series 
routers,  and  IP  telephony  products  from 
Cisco. 

Switches  and  routers  that  support  in-line 
power  and  are  hooked  to  an  uninterrupt¬ 
ible  power  supply  can  still  provide  phone 
service  to  IP  phones  in  the  event  of  a 
power  failure,  Bussabarger  says.  “It’s  a 

See  Cisco,  page  28 
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WatchGuard  springs  new  VPN  products 


WatchGuard  is  introducing  new  Vclass  VPN 
appliances  that  range  in  speed  from  20M  to 
300M  bit/sec. 


■  BY  TIM  GREENE 

SEATTLE  —  WatchGuard 
Technologies  last  week  is  intro¬ 
duced  a  family  of  high-perfor¬ 
mance  firewall/VPN  appliances 
that  give  your  network  adminis¬ 
trators  efficient  hardware  and 
software  platforms  for  protect¬ 
ing  corporate  sites  ranging  in 
size  from  small  branch  offices 
to  data  centers. 

In  addition  to  firewall  and  VPN 
support,  WatchGuard’s  Firebox 
Vclass  appliances  can  be  paired 
to  provide  backup  for  each 
other,  perform  network  address 
translation  so  VPN  traffic  can 
successfully  traverse  firewalls 
that  perform  network  address 
translation  and  provide  quality 
of  service  so  users  can  designate 
applications  that  get  priority. 

The  Vclass  V10,  V60,  V80  and 


VI 00  sport  VPN  throughput 
ranging  from  20M  to  300M 
bit/sec,  making  Vclass  gear 
fall  solidly  in  the  range  of 
what  other  vendors  such  as 
Cisco,  NetScreen  Technol¬ 
ogies,  Nokia  and  Nortel 
offer,  but  fall  short  of  the  6G 
bit/sec  speeds  some  ven¬ 
dors  such  as  NetScreen 
boast.  The  devices  range  in 
size  too,  from  the  high-perfor¬ 
mance  Firebox  V100, a  1U  (1.75- 
inch)  device  offering  two  1- 
Gigabit  Ethernet  and  two  high 
availability  ports,  to  the  V10 
designed  to  support  10  users, 
the  company  says. 

To  manage  Vclass  devices, 
WatchGuard  is  introducing 
vController,  Java-based  software 
that  manages  firewall  and  VPN 
policies  in  Vclass  devices.  For 
managing  policies  across  multi¬ 


ple  Vclass  devices,  WatchGuard 
is  introducing  Centralized  Policy 
Manager  (CPM).  CPM  enables 
distribution  of  policies  to  all  de¬ 
vices,  groups  or  individual  de¬ 
vices  in  a  corporate  VPN. 

WatchGuard  also  is  introduc¬ 
ing  new  VPN  software  for  PCs 
using  Windows  XP  to  connect  to 
WatchGuard  VPN  gateways.  New 
WatchGuard  management  soft¬ 
ware  called  Enforcer  is  designed 
for  remote  PCs  and  lets  network 


administrators  lock  down 
certain  files  and  configura¬ 
tions  so  end  users  can't  dis¬ 
able  security  on  the  devices. 
It  also  updates  remote 
machines  so  they  are  config¬ 
ured  to  the  current  security 
policies. 

Vclass  gives  WatchGuard 
three  distinct  product  fami¬ 
lies,  RapidStream  products 
that  support  VPN  and  firewall 
software  made  by  Check  Point 
Software,  Firebox  III  devices  that 
are  based  on  WatchGuard’s  orig¬ 
inal  technology  and  Vclass. 
However,  RapidStream  hard¬ 
ware  devices  using  Rapid- 
Stream’s  own  firewall  and  VPN 
software  will  be  discontinued, 
WatchGuard  says. 

While  the  performance  of 
some  of  these  products  may 
overlap,  they  let  WatchGuard 


meet  the  diverse  needs  of  indi¬ 
vidual  corporations,  says  Jason 
Wright,  industry  analyst/program 
leader  of  security  technologies 
for  Frost  &  Sullivan.  “A  corpora¬ 
tion  may  have  different  offices 
with  different  needs  that  would 
require  different  grades  of  equip¬ 
ment,”  Wright  says.  Buying  from 
one  vendor  that  can  supply  all 
grades  might  be  more  attractive 
than  dealing  with  multiple  ven¬ 
dors,  he  says. 

Vclass  devices  are  based  on 
the  Rapid  Core  ASIC  that  Watch- 
Guard  acquired  when  it  bought 
VPN  appliance  vendor  Rapid- 
Stream,  but  have  different  moth¬ 
erboard  architecture  and  use 
different  central  processing 
units. 

The  models  cost  as  follows: 
V10,  $6,000;  V60,  $7,000;  V80, 
$1 1,000;  and  VI 00,  $25, 000.  ■ 


10G  Ethernet 

continued  from  page  25 

A  result  of  the  technology’s 
complexity  is  its  high  price, 
experts  say.  With  the  average  for  a 
10G  Ethernet  port  in  the  area  of 
$40,000,  according  to  IDC,  the 
technology  is  out  of  the  price 
range  of  most  corporate  IT  shops. 
But  that  price  is  still  a  fraction  of 
the  cost  of  the  10G  bit/sec  OC- 
192c  SONET  equivalent,  which 
costs  around  $300,000  per  port. 
And  like  Fast  and  Gigabit 
Ethernet  before,  IDC  expects  10G 
Ethernet  prices  to  decline  signifi¬ 
cantly,  dropping  to  about  $7,800 
per  port  by  2005. The  lower  price 
also  will  spur  adoption  of  the 
technology  —  as  IDC  predicts 
port  shipments  to  grow  from 
around  9,000  to  more  than 
400,000  ports  shipped  between 
now  and  2005. 

Despite  the  high  prices,  there 
are  users  putting  10G  Ethernet 
through  its  paces. 

The  Information  Sciences  In¬ 
stitute  (1SI)  of  the  University  of 
Southern  California  is  one  of  the 
first  shops  to  have  10G  Ethernet 
installed  in  a  production  net¬ 
work.  1SI  installed  modules  from 
Foundry  in  its  LAN  a  month  ago 
to  aggregate  traffic  from  a  work¬ 
group  of  high-end  computer  sci¬ 
ence  users  running  Gigabit  Ether¬ 
net  to  the  desktop. 

The  workgroup  is  part  of  a  grid 
computing  project,  which  in¬ 
volves  the  linking  of  processors 


and  storage  over  high-speed  WAN 
links  to  create  a  supercomputer- 
scale  cluster  of  shared  disk  space 
and  CPUs. 

ISI  installed  lOGBase-LR  mod¬ 
ules  in  its  Biglron  4000  switch, 
where  Gigabit  traffic  is  aggreg¬ 
ated,  and  its  Biglron  8000,  which 
acts  as  the  network  core  device. 

“We  were  a  little  nervous  about 
having  a  Gigabit  backbone  and 
one-Gigabit  endpoints  feeding 
into  that,”  says  Richard  Nelson, 
director  of  computing  at  ISI.  “If 
they  were  all  turned  on  at  one 
time,  our  backbone  would  fill  up 
pretty  quick.” 

With  factors  such  as  the  drop¬ 
ping  price  of  lOOOBase-T  NICs, 
Nelson  says  he  foresees  a  drop  in 
the  use  of  Gigabit  to  the  desktop 
in  his  network. 

The  one  10G  bit/sec,  single¬ 
mode  fiber  connection  between 
the  school’s  two  Biglron  boxes  is 
better  than  Gigabit  line  trunking, 
according  to  Nelson,  because  the 
single-port  10G  modules  take  up 
less  real  estate  on  his  two  Biglron 
switches,  as  opposed  to  trunking 
20  Gigabit  ports  between  the  two 
boxes.  Because  many  vendors 
offer  proprietary  trunking  tech¬ 
nologies  that  require  a  homo¬ 
geneous  network  scheme,  10G 
Ethernet  will  allow  for  more 
open,  multivendor  network  sup¬ 
port  down  the  road,  he  adds. 

The  10G  bit/sec  link  to  the  net¬ 
work  core  at  ISI  is  providing  more 
than  enough  bandwidth  to  the 
dozen  Gigabit-enabled  worksta¬ 


tions  and  a  16-node  Linux  cluster. 
“We  were  spiking  over  50%  of  our 
bandwidth  utilization,”  with  only 
Gigabit  links  connecting  the  grid 
computing  workgroup,  while  the 
new  10G  Ethernet  link  rarely  goes 
above  10%,  he  adds. 

Nelson  also  plans  to  extend  10G 
Ethernet  beyond  his  LAN. 

“Long-distance  is  what  we  will 
focus  on  next,”  he  says.  ISI  has  a 
dark  fiber  connection  to  the  USC 
main  campus  that  runs  at  4G 
bit/sec,  using  Gigabit  Ethernet 
and  dense  wave  division  multi¬ 
plexing.  Nelson  plans  to  upgrade 
that  connection  to  a  1550nm 
lOGBase-LW  connection,  while 
adding  a  lOGBase-LW  link  to  a 
“telecom  hotel”  Internet  point  of 
presence  in  downtown  Los 
Angeles. 

“I’m  a  big  proponent  of  Ether¬ 
net  in  the  WAN,”  Nelson  says.“It’s 
easier  to  do  and,  when  looking 
at  alternatives  like  packet  over 
SONET,  I  think  it’s  more 
cost-effective.”  ■ 
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Wireless  LAN 
providers  team 
to  offer  roaming 


■  BY  JORIS  EVERS 

Several  wireless  LAN  service 
providers  and  hardware  ven¬ 
dors  last  week  established  an 
industry  association  to  facilitate 
wireless  LAN  roaming. 

The  association,  called  Pass- 
One,  plans  to  set  minimum  ser¬ 
vice  standards  and  certify  com¬ 
pliancy  of  member  networks. 
Users  subscribing  to  one  mem¬ 
ber’s  wireless  LAN  service 
should  be  able  to  use  another 
member’s  network  without  bar¬ 
riers,  the  founding  members  of 
Pass-One  said. 

“Our  goal  is  to  create  a  seam¬ 
less  and  global  end-user  [wire¬ 
less]  LAN  experience, "says  Sofia 
Flood,  spokeswoman  for  Wifi- 
com  Oy  of  Helsinki,  a  Pass-One s 
wireless  LAN  service  provider 
member. 

Pass-One’s  WLAN  service  pro¬ 
vider  members  operate  so- 
called  wireless  LAN  “hotspots"  in 
public  areas  such  as  hotels,  air¬ 
ports  and  coffee  shops,  and  the 
association  is  open  to  other 
wireless  LAN  service  providers. 


A  meeting  is  planned  for  June 
14  in  Boston,  where  the  vendors 
will  hammer  out  the  details  of 
the  association  and  present  a 
demonstration  of  wireless  LAN 
roaming,  Flood  says.  No  sched¬ 
ule  has  been  set  for  roaming  to 
be  offered  to  end  users,  she 
adds. 

Besides  Wificom,  Pass-One 
founding  wireless  LAN  service 
providers  are  Tele2  AB,  Way- 
port,  FatPort  and  Open  Point 
Networks. 

Founding  vendors  are  Symbol 
Technologies,  Nomadix,  Funk 
Software,  Service  Factory  AB 
and  TSI  Telecommunication 
Services. 

Evers  is  a  correspondent  with 
the  IDG  News  Service’s  Amster¬ 
dam  bureau. 
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Gates,  Fiorina:  Get  out  of  court  and  back  to  work 


Bill  Gates  and  Walter  Hewlett  don’t 
have  a  lot  in  common,  except  that 
neither  should  have  gone  before  a 
judge  recently  In  Gates’  case,  that’s  U.S. 
District  Judge  Colleen  Kollar-Kotelly,  who 
is  hearing  the  objections  of  nine  states  to 
Microsoft’s  sweetheart  settlement  with  the 
Department  of  Justice.  For  Hewlett,  it 
would  be  Delaware  Chancery  Court 
Judge  William  Chandler  III,  who’s  hearing 
Hewlett’s  complaint  that  Hewlett-Packard 
broke  the  rules  in  winning  a  proxy  vote  to 
approve  its  merger  with  Compaq. 

Neither  witness  could  produce  the  so- 
called  smoking  gun  (that’s  legal  speak  for 
“killer  app,”  the  obvious  evidence  that  a 


crime  has  been  committed). 

Gates  droned  on  about  the  integrity  of 
Windows, how  modularizing  it  would  lead 
to  mass  confusion  on  the  part  of  con¬ 
sumers.  Unfortunately,  he  overlooked 
Windows  Embedded  —  which  is  exactly 
the  smoking  gun  of  a  modularized  ver¬ 
sion  of  Windows!  Then,  too,  he  overlooked 
the  confusion  among  Windows  customers 
who  have  moved  from  Windows  3.1  to 
Windows  95  through  Windows  NT  to 
Windows  ME,XP  and  2000.  A  shifting  land¬ 
scape  of  user  interface,  utilities  and  ser¬ 
vices  through  all  these  changes  would 
(and  has)  confused  me  a  lot  more  than 
modularization. 

Hewlett  tried  to  prove  that  HP’s  Carly 
Fiorina  threatened  Deutsche  Bank  with 
the  loss  of  business  unless  it  voted  in  favor 
of  the  merger.  If  the  merger  failed,  Fiorina 
would  be  gone  and  most  likely  her  execu¬ 
tive  team  would  also  go  —  including  the 
folks  who  negotiate  banking  arrange¬ 
ments.  Because  Deutsche  Bank  already 


has  a  good  relationship  with  HP  it  would 
have  needed  extraordinary  evidence  to 
jeopardize  it  simply  so  Hewlett  would 
have  a  place  to  eat  lunch  once  a  month  or 
so.  Hewlett  seemed  somewhat  stunned 
that  HP’s  board  of  directors  removed  him 
from  the  slate  offered  for  election  a  few 
hours  after  he  filed  the  suit.  He  evidently 
didn’t  feel  the  need  to  share  that  informa¬ 
tion  with  HP  when  they  were  inviting  him 
to  stand  for  reelection  to  the  board. 

In  both  cases,  we’ve  got  players  who  see 
themselves  as  defenders  of  tradition 
(The  HP  Way,  the  Microsoft  hegemony) 
playing  Don  Quixote  when  they  should 
be  able  to  read  the  tea  leaves,  see  the 
writing  on  the  wall  and  come  to  grips 
with  reality.  It’s  well  past  time  for  both  to 
negotiate  the  best  deal  they  can  and 
gracefully  leave  this  particular  playing 
field  (the  courts)  so  their  respective  busi¬ 
nesses  can  get  back  on  track  and  deal 
with  the  post-legal  environment  in  which 
they’ll  have  to  survive. 


Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@vquill.  com. 


Tip  of  the  Week 


r  There's  a  great  new  book 
I  by  Gartner  Vice  President 
Richard  Hunter  called  “World 

Without  Secrets:  Business, 
Grime  and  Privacy  in  the  age 
of  Ubiquitous  Computing."  It’s 
all  about  the  coming  end  of 
;  ’  privacy,  the  rise  of  “network 
armies"  (like  the  Open 
: :  Software  advocates)  and  the 
Pj  changing  face  of  technology. 
tMl  It  needs  a  good  editor,  but  it’s 
*  well  worth  reading. 


Acirro  manages  distributed  data 


■  BY  DENI  CONNOR 

SAN  JOSE  —  Storage  vendor 
Acirro  tends  to  marooned  data  — 
it  helps  customers  manage  file- 
level  storage  data  on  different 
devices,  in  separate  geographic 
locations,  in  departments  and  on 
different  networks  as  if  it  were 
part  of  a  common  pool  of  data 
located  on  a  locally  attached 
device. 

The  company’s  product  Acu- 
mula  —  named  after  cumulus 
cloud  formations  —  gathers 
metadata  that  can  be  stored  in 
files,  rather  than  individual  data 
files,  from  distributed  network- 
attached  storage  (NAS),  direct- 
attached  storage  (DAS)  and  Fibre 
Channel  storage-area  network 
(SAN)  devices  so  it  can  be  moni¬ 
tored  and  managed  from  one 
location. 

Acumula  uses  a  consolidated 
file  system  called  the  Global 
Distributed  File  System  (GDFS) 
that  sits  on  top  of  two  common 
file  systems  —  the  Unix  Network 
File  System  and  Windows 
NT/2000  Common  Internet  File 
System  (CIFS)  —  and  lets  users 
see  files  as  if  they  were  attached 
to  a  local  drive. 

“These  guys  are  doing  a  file  sys¬ 
tem  that  virtualizes  all  the  NAS, 
[DAS  and  SAN]  boxes  you 
choose,  in  the  LAN  and  WAN,” says 
Steve  Kenniston,  technology  ana¬ 
lyst  for  Enteiprise  Storage  Group. 
“The  uniqueness  of  this  package 
is  that  it  sits  on  top  of  any  file  sys¬ 
tem,  doesn’t  replace  what  you 


already  have  and  handles  only 
metadata  [and  not  actual  files]  so 
there  are  no  overhead  worries.” 

Acumula’s  metadata  is  transmit¬ 
ted  over  IP  from  each  device 
using  a  proprietary  asynchronous 
protocol  called  File  Distribution 
Protocol,  which  Acirro  says 
reduces  the  latency  associated 
with  distributed  file  systems. 
Block-level  Fibre  Channel  storage 
area  network  (SAN)  data  can  join 
in  as  long  as  its  data  is  represent¬ 
ed  as  file-type  data  by  a  NAS/SAN 
gateway  letting  all  network  data 
be  joined  in  the  same  pool. 

Acirro’s  GDFS  uses  Windows 
Explorer  interface  to  view  data. 
Because  Acirro  says  that  80%  of 
the  data  on  the  network  is  dor¬ 
mant,  its  software  determines 
which  metadata  will  be 
cached  locally  based  on  a 
process  called  pruning. 
Pruning  doesn’t  actually  pare 
down  the  amount  of  data  rep¬ 
resented,  but  chooses  those 
20%  of  files  that  are  used  most  v 
often  on  the  network. 

The  company  is  not  without 
competition.  A  number  of  ven¬ 
dors,  including  Exanet,  Fujitsu 
Softek,  Sanbolic,  NuView,  Z-Force, 
Spinnaker  Networks  and  Scale 
Eight,  make  software  or  hardware 
that  approximates  what  Acirro’s 
Acumula  does.  Some  vendors, 
such  as  Exanet,  Z-Force  and  Spin¬ 
naker,  have  hardware  devices 
and  software  that  aggregate  stor¬ 
age.  Others,  such  as  NuView,  1 
Vision  and  Scale  Eight,  have  soft¬ 
ware  only  NuView  and  1  Vision 


Gathering  data 


Acumula  collects  data  from  geographically  separated 
network-attached  storage  devices  so  it  can  be  managed, 
replicated  and  accessed  as  if  it  were  local  storage. 


F3e  E  V  Vtow  Fwcntes  rook  rtefc 
4->Back  <*  J  $  i^5e»ch 


A  menu  along  the  top  lets  administrators  set  and 
view  thresholds  that  have  been  exceeded. 
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A  menu  along  the 
left  side  lets 
administrators 
choose  NAS  to 
monitor,  configure 
or  manage.  handle  only 
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CIFS  data.  Scale  Eight  recently 
restructured  from  a  service 
provider  focus  to  a  software 
provider. 

No  agent  resides  on  individual 
nodes  such  as  in  the  NuView 
product,  the  company  says,  and 
data  is  gathered  via  SNMP  and 
proprietary  APIs  it  uses.  The  soft¬ 
ware  runs  on  industry-standard 
Intel  servers  using  Win  NT  or 
2000;  it  is  managed  via  a  browser- 
based  interface. 

As  NAS  nodes  are  added  into 
the  network,  the  host  software  rec- 


This  screen  capture  show  the  amount  of 
available  space  on  a  NAS  device  located 
in  San  Jose  over  a  10-hour  period. 


ognizes  them  and  adds  them 
dynamically  into  the  pool  so  they 
can  be  managed  and  monitored. 
As  NAS  nodes  fail, their  load  is  dis¬ 
tributed  across  the  pool  of  net¬ 
work-attached  nodes. 

The  company,  founded  in  May 
2000  and  funded  by  Raza  In¬ 
dustries  for  $9.5  million,  has  41 
employees,  most  of  them 
engineers. 

An  Acumula  node  is  required  at 
each  enterprise  site.  Each  node  is 
$7,500.  An  additional  $2,500  is 
required  for  each  250G  bytes 
managed. 

Acirro:  www.acirro.com 


Cisco 
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nice  thing  to  have.” 

In  addition  to  in-line  power, 
the  3700  series  routers  can 
boost  support  for  Cisco’s 
Survivable  Remote  Site 
Telephony  (SRST)  from  48  to 
140  phone  users.  SRST  lets  end 
users  connect  to  the  public 
switched  telephone  network 
and  have  limited  call  control 
features  in  case  a  branch-office 
WAN  link  is  cut  off  from  a  cen¬ 
tral-office  Cisco  CallManager 
IP  PBX. 

The  Cisco  2691  is  the  latest 
2600  series  router.  It  provides 
the  most  VPN  throughput  of 
any  2600  box  —  15M  bit/sec  of 
IP  Security  Triple-DES,  which  is 
twice  as  fast  as  previous  2600 
models,  according  to  the  com¬ 
pany.  For  smhll  branch  offices, 
the  2600MX  router  can  provide 
QoS  for  data  traffic  sent  over 
DLS  connections  and  other 
WAN  interfaces,  and  supports 
all  standard  Cisco  WIC  and  AIM 
cards.  The  1760  provides  simi¬ 
lar  functions, but  comes  in  a  19- 
inch  rack-mountable  enclo¬ 
sure. 

The  3725  and  3745  cost 
$12,000  and  $8,500,  respectively, 
while  the  2691  costs  $6,300  and 
the  2600XM  $4,200.  The  rack- 
mountable  1760  is  priced  at 
$1,600,  and  the  1721  costs 
$1,200. 

The  827H,  77H  and  71  SOHO 
routers  cost  $650,  $550  and 
$350,  respectively.  All  products 
will  be  available  at  the  end  of 
the  month. 

Cisco:  www.cisco.com 
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Bridges:  Taking  wireless  to  the  wide  area 


■  BY  JOHN  COX 

Wireless  802.1  lb  bridges  can  stretch  the  meaning 
of  the  word  “local”  and  give  business  users  unex¬ 
pected  flexibility  in  extending  corporate  LANs. 
An  802.1  lb  bridge  essentially  is  a  media  access  con¬ 
trol-level  wireless  access  point  that’s  been  configured 
slightly  differently.  Bridges,  as  the  name  implies, simply 
pass  incoming  wireless  packets  to  one  or  more  corre¬ 
sponding  bridges.  With  these  wireless  bridges,  network 
executives  quickly  and  inexpensively  can  extend  a 
wireless  LAN  by  several  hundred  feet  to  a  mile  or  more. 
With  specialized  antennae,  the  distance  could  be  up  to 
5  or  6  miles. 

Almost  all  wireless  LAN  vendors  offer  these  products. 
Cisco,  Agere,  Enterasys  Networks  and  Symbol  Tech¬ 
nologies  are  among  the  leading  suppliers,  but  others 
that  offer  very  inexpensive  bridges  include  LinkSys  and 
Breezecom.  Prices  range  from  $400  to  almost  $2,000. 
Some  come  with  general-purpose  antennae,  others  with¬ 
out, so  businesses  can  add  specialized,  high-gain  anten¬ 
nae  for  longer  distances  or  tightly  focused  transmission 
beams.These  antennae  can  add  $300  to  $1,000  to  the 
bridge  price. 

These  wireless  connections  traditionally  are  an  alter¬ 
native  to  leased,  wired  links,  such  asT-1  lines,  eliminating 
the  monthly  telephone  company  charges  and  wait  for 
activation,  which  some  users  report  can  take  weeks  or 
even  months.  Bridges,  as  with  802. 1 1  b  access  points,  typ¬ 
ically  have  an  actual  throughput  of  3M  to  5.5M  bit/sec, 
well  above  the  1.54M  bit/sec  of  aT-1. 

In  Enfield,  Conn.,  Charlene  Bond,  the  town’s  director  of 
IT,  estimates  the  municipality  saves  about  $3,000  per 
year  in  recurring  telco  charges  by  using  the  bridges.The 
town  has  five  Enterasys  wireless  bridges.These  fit  the  tra¬ 
ditional  usage  pattern: They  form  a  wireless  connection, 
using  the  unlicensed  2.4-GHz  band,  between  two  or 
more  wired  LANs. 

But  the  municipality  now  is  experimenting  with  wire¬ 
less  LANs:  one  in  a  historical  building  where  network 
cabling  could  damage  or  disfigure  architectural  fea¬ 
tures,  and  another  that  will  let  wireless  laptop  users  con¬ 
nect  to  the  network  in  various  conference  rooms.  In 
both  cases,  the  bridges  can  tie  these  users  into  the 
town’s  applications. 

“It's  been  very  reliable  and  very  adequate  [in  band¬ 
width], "Bond  says. 

Out  with  the  old 

In  some  cases,  802. 1 1  b  bridges  replace  older,  more 
costly  and  proprietary  high-bandwidth  microwave 
(often  dubbed  “fixed  wireless")  bridges.  Fixed  wireless 
vendors,  such  as  Wi-Lan  and  RadioLAN,  claim  to  at  least 
double  the  actual  throughput  over  longer  ranges,  for 
more  users,  with  higher  security  RadioLAN  has  just  intro¬ 
duced  its  Campus  BridgeLink-Lite,  which  uses  the  same 
radio  technology  as  the  other  BridgeLink  products  but 
is  simpler  to  install.  It’s  aimed  at  enterprise  applications. 
Devices  can  be  separated  by  about  a  mile,  and  at  less 
than  $2,000  it  competes  with  the  802.1  lb  bridges. 

Distances  vary  greatly  for  802.1  lb  bridges. Some  net¬ 
work  integrators  say  that  in  mountain  ranges,  with  high- 
gain  antennae,  they  can  forge  connections  nearly  40 


miles  long.  Cisco  recommends  a  maximum  distance  of 
about  18  miles.  But  in  the  majority  of  cases,  installations 
are  less  than  3  miles.They  even  can  be  used  within 
buildings  or  building  complexes, such  as  auto  assembly 
lines  and  shipping  centers. 

One  version  of  in-building  bridging  is  the  “workgroup 
bridge,”  which  can  group  up  to  eight  client  devices  and 
wirelessly  connect  the  devices  to  an  802.1  lb  access 
point. 

/ - \ 

Building  a  bridge 

A  wireless  bridge  can  extend  the  reach  of  a 

wireless  LAN  by  a  few  hundred  feet  to  a  few 

miles.  Wireless  bridges  have  many  facets: 

Benefits  Disadvantages 

•  Connect  separate  wire-  ' 
less  LANs  together. 

•  Link  wireless  LANs  to 
wired  nets  or  broadband 
Internet  access. 

•  Bring  wireless  Ethernet 

bandwidth  to  unex-  ' 

pected  locations. 

•  Low-priced,  no  recur¬ 
ring  costs. 

Where  can  wireless  bridges 

have  the  biggest  impact? 

•  Temporary  networks. 

•  Tying  stand-alone  wireless 
LAN  hot  spots  together. 

•  Creating  long-distance  links 
to  wired  nets. 

I _ _ _ Z _  J 

“The  devices  are  wired  to  the  bridge,  which  acts  like  a 
wireless  [network  interface]  card  for  printers,  older 
computers  and  other  devices,”  says  Kenny  Blankenship, 
network  consultant  with  InterNetwork  Experts,  an 
Addison, Texas,  network  integrator  specializing  in  Cisco 
wireless  LANs. 

Wireless  LANs  in  a  large  warehouse  could  hop  via  a 
bridge  across  a  street  to  connect  to  a  wired  administra¬ 
tive  network,  without  the  need  to  dig  up  the  street  or  a 
parking  lot  to  lay  cable. 

This  extensibility  has  some  surprising  payoffs.The  wire¬ 
less  network  can  become  portable:  It  can  be  set  up  in 
temporary  locations  at  disaster  sites,  exhibition  halls  or 
a  parking  lot,  and  bridged  to  wired  networks.  In  what  are 
being  dubbed  “town-area  nets,”  bridges  link  so-called 
“hot  spots” —  wireless  LANs  at  a  town  hall,  a  recreation¬ 
al  center,  the  local  library,  the  highway  department  and 
the  like. 

GlobalNet  is  a  wireless  ISP  in  Boseman,  Mont. .that 
exploited  this  extensibility. The  company  worked  closely 
with  Symbol  to  modify  one  of  Symbol’s  bridges  and 
fine-tune  the  802.1  lb  wireless  protocol  for  outdoor  use. 
The  result  is  a  ready-to-instal!  wireless  bridge  that 
mounts  on  the  building  or  roof  of  a  business  or  resi¬ 


dence.  A  Category  5  cable  runs  from  the  bridge  inside 
to  an  Ethernet  router,  for  a  wired  LAN,  or  an  access 
point,  for  a  wireless  one. 

In  effect,  GlobalNet  uses  802.1  lb  as  the  wireless  “last- 
mile”  connection  for  its  network  customers,  says  Scott 
Johnson,  GlobalNet’s  CEO. The  customer-mounted 
bridges  connect  to  another  bridge,  often  on  a  grain  ele¬ 
vator  in  the  Midwest.  Eventually, several  of  these  connec¬ 
tions  terminate  at  a  managed  switch.  Finally,  they  are 
brought  to  a  terrestrial  T-l  orT-3  link  at  a  consolidation 
site  owned  by  carriers  such  as  AT&T  or  WorldCom,  by¬ 
passing  the  need  for  local-loop  fees  paid  to  local  ex¬ 
change  carriers. 

But  reaping  these  benefits  can  take  some  work.  De¬ 
ploying  multiple  bridges  requires  some  care,  especially 
in  more  complex  networks,  says  Yangmin  Shen,  director 
of  technical  marketing  for  Symbol. 

Complicated  planning 

Bridges  can  complicate  bandwidth  planning,  he  says. 
Wireless  bandwidth  decreases  as  distance  increases.  If 
customers  aren’t  careful,  Shen  says,  they  could  create  a 
choke  point,  where  connections  to  two  access  points 
(and  hence  with  a  theoretical  total  of  22M  bit/sec 
incoming)  could  overwhelm  the  1 1 M  bit/sec  link  outgo¬ 
ing  to  a  third  access  point. 

“Your  throughput  is  limited  by  the  weakest  [slow¬ 
est]  link,” Shen  says.“You  have  to  be  smart 
about  how  to  relay  your  data.”  Unless  you’re  care¬ 
ful, you  could  inadvertently  create  a“loop”con- 
figuration  in  which  broadcast  traffic  circles  the 
network  endlessly 

Another  deployment  issue  is  that  802.1  lb  wire¬ 
less  is  half  duplex:  In  bridging, you  have  to 
choose  the  wireless  channels  carefully  because 
when  Point  Y  is  transmitting  to  Point  Z,the  latter 
can’t  be  transmitting  to  the  former  at  the  same 
time.“Switching  directions  during  transmission 
will  cause  delays,”  Shen  says.“You  have  to  factor 
that  in.” 

Delays  also  occur  with  every  wireless  “hop.”  If  a  packet 
makes  too  many  hops,  the  time  (or  latency)  required  to 
get  from  one  end  of  the  network  to  the  other  will  cause 
the  Ethernet  packet  to  timeout,  with  transmissions 
being  incomplete.This  is  especially  true  if  you’re  hop¬ 
ping  wireless  LANs  as  if  they  were  beads  on  a  string. 
One  solution  is  to  reconfigure  the  network  so  that  a 
bridge  can  act  like  a  hub,  with  wireless  access  points 
radiating  out  from  it  like  spokes  on  a  wheel.  In  such  a 
configuration,  each  endpoint  makes  only  one  hop  to 
any  other  endpoint. 

Another  solution  is  to  use  a  bridge  that  is  “compati¬ 
ble”  instead  of  “compliant”  with  802.11b.  Like  GlobalNet 
and  Symbol,  Cisco  increased  the  time  it  takes  for  an 
802.1  lb  packet  to  timeout  so  that  its  Aironet  350  bridge 
can  reach  farther  to  wireless  clients, says  Ron  Siede, 
product  line  manager  with  Cisco’s  wireless  network 
group. 

A  wireless  bridge  requires  a  line-of-sight  path  to  its 
companion  bridge. That  line  of  sight  can  be  cluttered  by 
foliage  and  plant  or  tree  growth  in  the  summer.  It  also  is 
more  difficult  for  2.5-GHz  signals  to  get  through  foliage 
that  is  wet  or  that  has  high  water  content.  ■ 


Bandwidth 
management 
becomes  more 
complicated. 

Potentially  greater 
security  risk. 

Requires  line-of- 
sight  path  between 
bridges. 


Not-so-fun  fact 

The  tinted  glass  used  in 
some  office  buildings  is 
an  almost  perfect 
barrier  to  wireless 
signals.  In  this  case,  look 
for  a  rooftop-to-rooftop 
line  of  sight  instead. 


Mil 
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HP  Blade  servers  are  here. 

The  most  flexible  way  to 
manage  your  infrastructure. 

Radical  simplicity.  Extraordinary  flexibility.  HP  Blade  servers  are  about 
to  forever  change  the  way  you  look  at,  manage  and,  yes,  even  maneuver 
through  your  data  center. 

They  are  complete,  ultra-dense  servers  on  single  modular  cards  — including 
processor,  memory  and  all  network  connections  — that  come  with  a  choice  of 
Linux,  Windows'  or  HP-UX. 

Easier  to  manage  and  maintain. 

This  elegant,  standards-based  design  allows  you  to  easily  combine  server, 
storage,  networking,  appliance  and  management  blades  in  the  same  38-slot 
chassis,  then  reconfigure  on  the  fly  to  handle  expanding  or  contracting  workloads. 

Each  blade  connects  to  the  network  infrastructure  already  embedded  in  the 
chassis,  dramatically  cutting  the  number  of  cables  needed.  With  far  fewer  cables 
to  fuss  with,  they're  far  easier  to  manage  and  maintain  than  conventional  servers. 
Even  management  is  shared.  Which  means  all  38  blades  can  be  viewed  and 
monitored  as  a  single  system. 

More  efficient  and  reliable. 

Since  all  blades  in  the  chassis  share  the  same  power  and  cooling  source, 
they're  also  more  energy  and  space  efficient.  In  fact,  you'll  find  HP  Blade  servers 
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reduce  the  typical  number  of  fans  and  power  supplies 
required  by  as  much  as  60%. 

The  reliability  advantages  of  moving  to  blades 
are  profound.  To  give  you  some  perspective,  imagine 
building  a  server  cluster  solution  that  is  comparable  to 
a  fully  loaded  HP  Blade  server  cabinet.  The  projected 
annual  failure  rate  of  the  HP  Blade  server  solution  is 
about  41%  lower  than  that  of  the  comparable  server  cluster. 

In  the  unlikely  event  that  a  blade  should  fail,  the  problem  is  isolated  in  the 
same  way  that  multiple  systems  connected  by  I/O  are  isolated  from  each  other. 

Is  your  server  as  sharp  as  a  blade? 

Servicing  a  blade  is  as  easy  as  deploying  one.  Each  blade  is  freely  accessible 
from  both  the  front  and  rear  of  the  cabinet  and  can  thus  be  replaced  at  a  moments 
notice.  Each  slot  can  be  powered  on  or  off  separately.  Hot-swap  and  hot-plug 
technology  is  implemented  throughout,  allowing  for  the  seamless  addition  or 
replacement  of  blades  while  the  rest  of  your  infrastructure  continues  to  hum. 

We  invite  you  to  read  our  technical  white  paper  on  HP  Blade  servers. 
Or,  better  yet,  talk  directly  with  one  of  our  infrastructure  specialists  to  find 
out  more  about  how  HP  Blade  servers  can  change  the 
face  of  your  business.  Give  us  a  call  at  1.800.HPASKME, 
extension  246.  Or  visit  www.hp.com/go/infrastructure. 

Infrastructure:  it  starts  with  you.  invent 
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THE  GOOD  NEWS  IS,  YOU  NOW  HAVE  MORE  VALUABLE 
INFORMATION  COMING  INTO  YOUR  BUSINESS  THAN  EVER  BEFORE. 

BUT  THEN,  THAT'S  ALSO  THE  BAD  NEWS. 


BrightStor™  Storage  Resource  Manager 

The  smart  alternative  to  managing  your  storage. 

You  never  thought  you  could  have  too  much  of  a  good  thing  when  it  came  to 
critical  business  information.  But  now  the  time  has  come.  That's  why  it's  more 
important  than  ever  to  have  the  right  software.  With  BrightStor  Storage  Resource 
Manager,  you  can  finally  get  a  firm  handle  on  all  your  assets.  BrightStor™  works 
across  multiple  platforms,  protocols,  and  applications,  so  you  can  tap  into 
information  throughout  your  enterprise,  wherever  it  may  be.  As  a  result,  you  can 
truly  leverage  your  resources,  making  them  work  for  you  like  never  before.  And  the 
downside?  There  isn't  one.  To  find  out  more,  go  to  ca.com/brightstor/srm  today. 


Computer  Associates™ 


HELLO  TOMORROW™ 


WE  ARE  COMPUTER  ASSOCIATES 


THE  SOFTWARE  THAT  MANAGES  eBUSINESS 
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■  E-COMMERCE  ■  SECURITY 

■  NETWORK  MANAGEMENT  ■  DIRECTORIES 


Takes 

■  McAfee  Security  this  week  will 
announce  WebShield  2.5,  an  updat¬ 
ed  version  of  its  antivirus  scanning 
gateway  appliance,  adding  an  IP 
routing  to  better  manage  traffic 
back  and  forth  between  the  gate¬ 
way  and  desktops.  Before,  adminis¬ 
trators  had  to  add  custom  logon 
scripts  on  the  desktop  to  manage 
the  traffic  routing  to  WebShield, 
which  starts  at  $2,450. 
www.mcafeeb2b.com 

■  Sanctum  last  week  announced 
Version  3.0  of  its  AppScan  applica¬ 
tion  security  audit  tool,  adding  a 
bundle  of  enhancements  to  the  prod¬ 
uct’s  testing  and  reporting  features, 
and  boosting  its  performance. 
AppScan  performs  automated  tests 
on  applications  to  determine  if  they 
are  vulnerable  to  security  problems. 
AppScan  follows  what  the  company 
calls  a  “positive  security  model," 
testing  its  applications  to  ensure 
that  they  do  only  what  they’re 
intended  to,  as  opposed  to  prevent¬ 
ing  all  unintended  actions,  the  com¬ 
pany  says.  The  program  is  designed 
to  be  used  as  part  of  the  application 
development  process  so  that  vulner¬ 
abilities  can  be  caught  before  soft¬ 
ware  is  deployed.  AppScan  3.0  will 
be  available  this  month  for  $15,000 
per  year  for  one  user.  Licenses  for 
auditors  are  priced  depending  on 
tasks  and  sold  in  30-day  packages. 
www.sanctum.com 

■  Okena  has  announced  Storm- 
Watch  3.0,  the  third  version  of  its 
behavior- based  intrusion-prevention 
software,  adding  support  for  Sun 
Solaris.  The  software  currently  runs 
on  Windows  NT  and  Windows  2000. 
StormWatch  3.0,  which  costs  $85, 
will  be  able  to  work  with  Check  Point 
Software's  VPN -1  client  software  in 
a  way  that  lets  VPN-1  enforce  use  of 
Okena  before  allowing  access  to  the 
VPN-1  gateway.  StormWatch  3.0, 
which  starts  at  $1,500  per  server,  is 
expected  to  ship  next  month,  www 
.okena.com 


Oracle  embraces  outsourcing 

Company  expects  better  support,  incentives  will  bring  in  extra  revenue. 


■  BY  JOHN  COX 

After  2  1/2  years  of  boasting  and  bum¬ 
bling,  Oracle  finally  might  be  hitting  its 
stride  with  its  enterprise  outsourcing 
business. 

The  database  giant  has  made  some 
wrenching  internal  changes  in  the  past  18 
months  to  make  outsourcing  a  major 
source  of  future  revenue.  Customers  who 
rely  on  an  Oracle  data  center,  or  a  third 
party,  to  host  and  maintain  their  Oracle 
applications  say  those  changes  have  led  to 
more  savings  and  better  customer  service. 

In  recent  months,  the  changes  at  what 
Oracle  now  calls  E-Business  Suite 
Outsourcing  include: 

•  Revamping  the  technical  support 
group  for  faster  response  time  and  more 
customer  focus. 

•  Linking  tech  support  to  Oracle  soft¬ 
ware  developers  for  faster  changes  and 
improvements. 


•  Adding  the  Oracle  9i  database  and  9i 
Applications  Server  to  its  outsource  offer¬ 
ings,  along  with  the  Oracle  1 1  i  E-Business 
Suite. 

•  Launching  a  new  effort,  with  incen¬ 
tives,  to  persuade  customers  upgrading  to 
E-Business  Suite  Hi  to  convert  to  an  out¬ 
sourcing  model  instead  of  running  the 
applications  in-house. 

Two  other  changes  are  not  evident  to 
customers  but  starkly  underline  Oracle’s 
seriousness  about  outsourcing.  In  the  past 
year, Oracle  finally  has  overhauled  its  sales 
compensation  package.  Now  sales  staff 
get  a  bonus  and  full  credit  for  a  software 
license  sale  whenever  a  customer  choos¬ 
es  the  outsource  option. 

They  also  got  an  order  from  Oracle 
Chairman  Larry  Ellison,  who  decreed 
about  four  months  ago  that  the  outsource 
option  be  presented  to  every  customer,  in 
every  deal. 

See  Oracle,  page  36 


Lessons  in  outsourcing 

Three  customers  of  Oracle’s  out¬ 
sourcing  business  cited  several  key 
lessons  they  learned  from  using  the 
service  in  a  2002  IDC  case  study 
commissioned  by  Oracle. 

•  Make  sure  your  Internet  connectivity 
provider  can  deliver  the  reliability  and 
throughput  you  need. 

•  Consider  hiring  someone  who  knows 
the  software  inside  out  to  manage  the 
relationship  with  the  Oracle  outsourcing 
division. 

•  Meet  with  Oracle  early  to  understand 
how  the  Oracle  support  structure  works, 
how  it  handles  problems,  and  so  on. 

•  If  you  don’t  have  experience  with  Oracle 
software,  explore  all  the  features  you’ll 
be  getting,  so  users  can  make  the  most 
of  it  from  Day  One. 


Quest's  tools  for  Active  Directory 


Directory  tester 


Quest  Software’s  Spotlight  on  Active  Directory  3.0  adds  a  diagnostic 
tool  called  Topology  Viewer,  which  provides  a  graphical  representation 
of  an  Active  Directory  infrastructure  and  helps  root  out  replication 
problems  within  the  Microsoft  directory. 


Users  can  click  on 
a  domain  controller 
hosting  an  Active 
Directory  replica 
and  run  a  diagnostic 
test  such  as  Repli¬ 
cation  Gap,  which 
shows  if  any  domain 
controllers  are  being 
left  out  of  the 
replication  loop. 
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Topology  Viewer 
lists  all  the  sites, 
domains  and 
domain  controllers 
running  within  a 
given  corporate 
network. 


■  BY  JOHN  FONTANA 

Quest  Software  last  week  released  new 
and  updated  versions  of  two  tools  for 
managing  Active  Directory  that  let  IT 
administrators  root  out  replication  prob¬ 
lems  and  more  tightly  control  access  to 
the  directory. 

Spotlight  on  Active  Directory 
3.0  is  a  diagnostic  tool  that  fea¬ 
tures  the  new  Active  Directory 
Topology  Viewer,  which  provides 
a  graphical  representation  of  a 
company’s  Active  Directory 
nodes  so  users  can  diagnose 
replication  and  synchronization 
issues. 

Quest  also  has  added  features  to 
ActiveRoles  4.1,  its  directory-enabled 
administrative  tool,  for  controlling  what 
help  desk  technicians  can  view  and  mod¬ 
ify  within  the  directory. 

The  tool  also  lets  administrators  edit 
and  set  group  policy  objects,  a  set  of 
objects  stored  in  the  directory  that  define 
security  and  software  usage  rights  for 
users  and  computers. 

With  Spotlight,  Quest  has  expanded 
the  tool’s  focus  to  cover  the  entire  topol¬ 


ogy  of  Active  Directory,  including  direc¬ 
tory  and  file  replication  and  time  syn¬ 
chronization. 

Replication  is  key  in  Active  Directory’s 


multimaster  world,  where  replicas  of  the 
directory  typically  are  spread  out  across 
an  organization.  Administrators  can  add 

See  Quest,  page  36 
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Documentum  eases  Web  classification 


Company’s  Content  Intelligence  Services  automates  content  management 


■  BY  CAROLYN  DUFFY  MARSAN 

With  corporate  Web  sites  con¬ 
tinuing  to  expand  at  a  rapid 
clip,  Documentum  last  week 
announced  an  add-on  to  its 
Web  content  management  plat¬ 
form  that  automatically  tags, 
categorizes  and  links  content 
for  easier  navigation  of  sites 
that  can  be  a  million  pages  or 
more. 

Documentum  Content  Intel¬ 
ligence  Services  automates  the 
process  of  creating  metatags 
and  keywords  for  precise 


searching  of  content  that  is 
available  on  internal  or  cus¬ 
tomer-facing  Web  sites.The  soft¬ 
ware  also  automates  cross- 
referencing  and  linking  of 
information  using  business 
rules. 

“The  goal  is  to  make  content 
more  easily  organized  and 
accessible,”  says  Whitney  Tid- 
marsh,  vice  president  of 
product  marketing  at  Docu¬ 
mentum. 

To  do  this,  the  software  bun¬ 
dles  eight  taxonomies  or  dic¬ 


tionaries  of  terms  for  industries 
such  as  financial  services,  ener¬ 
gy,  high  technology  and  life  sci¬ 
ences.  It  also  offers  taxonomies 
for  departments  such  as  mar¬ 
keting,  customer  service,  hu¬ 
man  resources  and  IT. 

Alternatively,  companies  can 
input  their  own  prebuilt  tax¬ 
onomies  into  the  system. 

Tidmarsh  says  Documentum 
is  the  first  Web  content  man¬ 
agement  software  vendor  to 
offer  an  array  of  taxonomies  at 
no  extra  charge. 


One  early  user  of  the  software 
is  BEA  Systems,  which  sells  Web 
application  server  software. 
BEA  used  to  need  a  staff  of  40 
people  to  manually  tag  and  cat¬ 
egorize  content  for  its  bea.com 
Web  site. 

Now  BEA  uses  Documentum’s 
software  and  has  reduced  its 
content  classification  staff  to 
two  people. 

Documentum’s  Content  Intel¬ 
ligence  Services  works  with  its 
E-Content  Services,  which  is 
server  software  that  supports 


Windows  and  Unix  operating 
systems. 

A  typical  Documentum  instal¬ 
lation  costs  $100,000,  Tidmarsh 

says. 

Documentum:  www.docu 

mentum.com 


Web 
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Oracle 

continued  from  page  35 

"The  fact  that  they’re  now  com¬ 
pensating  their  sales  reps  on  out¬ 
sourcing  sales  is  huge”  says  Amy 
Mizoras,  program  manager  for 
application  service  provider 
research  at  IDC.'They’re  the  only 
[software  vendor]  putting  their 
money  where  their  mouth  is.” 

And  a  big  mouth  it  has  been. 

Ellison  predicted  at  the  1999 
launch  of  Business  OnLine 
(BOL)  that  Oracle  would  reap  a 
huge  benefit  in  a  big  market:  He 
said  there  would  be  10,000  users 
working  with  Oracle-hosted 
applications  at  the  end  of  twelve 
months,  and  another  100,000  at 
the  end  of  two  years. 

The  reality 

The  reality  is  quite  different. 
Oracle  won’t  say  how  many 
users  work  with  outsourced  soft¬ 
ware.  “We  don’t  have  that  figure 
available,”  a  spokeswoman  says. 
After  2  1/2  years,  Oracle  claims 
200  customers  use  the  outsource 
option  for  E-Business  Appli¬ 
cations, such  as  finance  and  cus¬ 
tomer  relationship  management. 
About  200  more  customers  are 
using  the  database  and  applica¬ 
tions  server  in  a  year-long  pilot 
program,  according  to  Paige 
O’Neill,  senior  director  of  out¬ 
sourcing  marketing  for  Oracle. 

At  the  BOL  launch,  Ellison 
declared  that  Oracle  would  sell 
its  applications  to  third-party  out¬ 
sourcers  “over  my  dead  body 
Today,  these  same  companies  are 
valued  partners,  such  as 
Appshop  in  Fremont,  Calif.,  with 
nearly  as  many  applications  cus¬ 
tomers  as  Oracle. 

As  a  result  of  all  these  changes, 


fcfc  The  fact  that 
they're  now  compen¬ 
sating  their  sales 
reps  on  outsourcing 
sales  is  huge.  99 

Amy  Mizoras 

Program  manager, 

ASP  research,  I  DC 

Oracle  CFO  Jeff  Henley  modestly 
told  Wall  Street  analysts  in  March 
that  within  five  years,  Oracle’s 
outsource  revenue  “could”  reach 
$1  billion,  and  one  of  every  four 
current  Oracle  customers 
“could”  convert  to  outsourcing. 

Judging  by  the  experience  of 
two  of  those  customers,  Henley’s 
goals  might  well  be  achievable. 
Both  customers  say  that  one  of 
the  most  important  lessons  they 
learned  was  that  Oracle  could 
learn  from  its  own  mistakes. 

“1  give  a  lot  of  credit  to  Oracle,” 
says  Kyle  Lambert, vice  president 
of  information  services  for  John 
1.  Haas  in  Washington,  D.C.“They 
started  the  [new]  outsourcing 
model  very  cautiously.  As  they  go 
along,  they’re  adding  policies 
and  procedures  to  make  it  more 
robust.” 

Privately  held  Haas,  with 
about  125  full-time  staff,  is  the 
world’s  largest  grower  of  hops 
and  hops  products  in  the 
world,  Lambert  says.  “Any  out¬ 
sourcing  [deal]  is  really  a  rela¬ 
tionship,”  he  says.  “It’s  not  like 
getting  electricity  from  a  utility 
company.  You  have  to  be  in 
constant  communication  with 
your  service  provider  to  make 


sure  you’re  getting  what  you 
want.” 

“We  were  not  shy  at  all  about 
making  sure  they  knew  what  we 
needed,”  recalls  Brenda  Boyle, 
vice  president  of  IT  for  Empirix 
in  Waltham,  Mass.  The  company 
was  spun  off  from  Teradyne  in 
January  2001  to  create  software 
for  testing  Web  applications  and 
infrastructure.  Boyle  recom¬ 
mended  outsourcing  the  Oracle 
applications  suite  because  there 
was  not  enough  time  to  hire 
scarce  IT  staff  and  create  an 
infrastructure  from  scratch. 

True  believers 

“It  was  the  best  thing  we  ever 
did,” she  says,  with  the  conviction 
of  a  true  believer,  even  though 
when  she  signed  the  purchase 
order  with  Oracle,  “I  was  a  ner¬ 
vous  wreck.” 

Among  the  key  changes  Ora¬ 
cle  made,  Boyle  says,  were  cre¬ 
ating  a  dedicated  account 
management  team  for  Empirix, 
revamping  the  outsourcing 
group’s  technical  support  orga¬ 
nization  and  instilling  a  new 
customer  service  ethos. 

“Now  they’ll  send  you  proac¬ 
tive  e-mails  telling  you,  for 
example,  about  a  system  out- 


More  online! 

Is  outsourcing  a  necessary  evil? 
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age  —  the  root-cause  analysis, 
how  they’ll  keep  it  from  hap¬ 
pening  in  the  future,  and  so  on. 
They  do  a  good  job  of  keeping 
us  informed,”  she  says. 

Both  executives  say  the 
returns  have  been  dramatic. 
Lambert  says  he  expected  a 
cost  savings  of  20%.  Instead  the 
savings  in  running  the  applica¬ 
tions  was  45%.  The  greater  sav¬ 
ings  came  from  unanticipated 


Quest 

continued  from  page  35 

changes  to  any  one  of  the  repli¬ 
cas,  and  it  is  propagated  across 
all  copies  of  the  directory  It’s  a 
powerful  model,  but  one  that 
quickly  can  disrupt  the  unifor¬ 
mity  of  the  directory  if  some¬ 
thing  goes  wrong. 

“The  No.  1  complaint  we  hear 
from  clients  that  are  having  trou¬ 
bles  is  about  replication,”  says 
John  Enck,  vice  president  and 
research  director  for  Gartner.“lt’s 
either  poor  design  or  just  gener¬ 
al  troubles.  For  anybody  with  a 
complex  Active  Directory  envi¬ 
ronment,  they  should  probably 
look  at  this  tool.” 

Other  vendors  such  as  NetlQ, 
Aelita,  BindView  and  Full 
Armour  also  offer  Active  Direct¬ 
ory  management  tools. 

Spotlight  lets  users  run  diag¬ 
nostic  tests  on  any  links  within 
the  Active  Directory  infrastruc- 
ture.The  tool  provides  a  graphi¬ 
cal  view  of  every  directory 
replica  and  the  links  between 
them.  Users  can  click  on  the 
links  and  get  information  on 
gaps  in  replication  or  perfor¬ 
mance  problems. 

With  ActiveRoles  4.1,  Quest  is 


productivity  improvements,  he 
says. “We  were  able  to  decrease 
our  end-of-month  financial 
closing  time  by  25%,  and 
reduced  order-entry  time  by 
50%, ”  Lambert  says. 

Much  of  the  improvement  was 
due  to  the  fact  that  Oracle’s  data 
center  team  tuned  the  hardware 
and  software  performance  more 
efficiently  than  Lambert’s  IT 
group  had.B 


adding  Help  Desk  Provisioning, 
which  lets  senior  administrators 
restrict  views  of  directory  data 
for  help  desk  staff  who  may 
only  be  resetting  passwords  or 
changing  addresses  and  phone 
numbers. 

The  feature  works  only  with 
Quest’s  Web-based  administra¬ 
tive  client.  Quest  also  has  cen¬ 
tralized  the  management  of 
group  policy  objects  and  added 
support  for  nearly  150  policy 
objects  specific  to  the  Windows 
XP  Professional  desktop  operat¬ 
ing  system.  Quest  also  has 
enhanced  its  Business  Rules, 
which  manages  policies  on 
how  directory  data  can  be 
structured,  to  include  all  Active 
Directory  objects,  not  just  users, 
groups  and  computers. 

Likewise,  the  Business  Views 
features,  which  let  users  be 
grouped  regardless  of  where 
they  reside  in  the  directory,  now 
allow  for  dynamic  queries  such 
as  finding  all  users  tied  to  a  cer¬ 
tain  division. 

ActiveRoles  4.1  costs  $20  per 
managed  user.  Spotlight  on 
Active  Directory  3.0  costs  $1,495 
per  managed  domain  controller. 
Both  are  available  now. 

Quest:  www.quest.com 


Enterprise-Class  Features  and  Management... 
Plus  Money  Left  Over  to  Buy  Other  Goodies 
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Microsoft  Active  Directory  Service 


Journaling  File  System 


UNIX  Network  Information  Service 
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RAID  5,  1,  0 


ACLs 


Snapshots 


Backup  Agent  Support 
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Group  Quotas  for  UNIX 


Dual  Gigabit  Ethernet 

with  Failover  and  Load  Balancing 


Redundant  Hot  Swap  Components 


Introducing  Guardian7.".. Cost-Effective,  Simple 
Network  Attached  Storage  for  the  Enterprise 


Specs  •  1.4TB  •  3U  •  Dual  Gigabit 
Ethernet  •  Supports  Windows/UNIXJ 
Linux/Macintosh  Environments 

•  Journaling  File  System 

•  Standard  On-site  Support 

Security/Management  •  Microsoft  ADS 


•  UNIX  N1S  •  SNMP  •  SSL  •  SSH  •  Quotas 

for  Users  and  Groups'  •  File  and  Folder  Security  for  Users  and  Groups 

•  Kerberos  Authentication 


Availability  •  RAID  5,1,0  •  12  Hot-swappable  Disk  Drives 

•  Redundant,  Hot-swappable  Power  Supplies  and  Cooling  Fans 

•  Dual  Ethernet  for  Load  Balancing  and  Failover  •  Dual  Power  Cords 

Data  Protection  •  Snapshots  •  Backup  Agent  Support 

(VERITAS  NetBackup  and  Backup  Exec,  CA  ARCserve,  Legato  NetWorker) 

•  Server-to-Server  (S2S)  Synchronization  Software  •  Local  Backup  via 
SCSI  Port ’  •  APC  Smart-UPS  Support  •  Unlimited  User  License 
PowerQuest  DataKeeper  (for  Windows  Client  Backup) 


1.888.343.7627  •  www.quantum.com 


1.4TB/ 3U...under  $25,000 

The  new  Quantum  Guardian™  14000  server  eliminates  cost 
and  complexity  from  your  storage  infrastructure.  Deployment 
is  quick  and  easy,  with  no  downtime.  That  should  save  some 
headaches.  And  the  low  acquisition  cost  combined  with  its 
high  availability  and  minimal  administration  helps  you  live 
within  your  budgets.  Yet  you  still  enjoy  the  enterprise-class 
security,  management  and  performance  your  environment 
demands.  The  new  Quantum  Guardian™  14000  servers... 
building  blocks  for  simple,  scalable  storage  growth.  Visit 
www.quantum.com/Guardian  14000  for  an  interactive  demo. 
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In  their  zeal  to  protect  their  companies’ 
secrets,  some  corporate  managers  are 
mostly  succeeding  at  making  their 
employers  look  dumb  while  avoiding 
doing  anything  real.  The  following  trailer 
showed  up  recently  on  an  Internet  Engin¬ 
eering  Task  Force  public  mailing  list: 
(Name  changed  to  protect  the  silly) 
“Information  contained  in  this  E-MAIL 
being  proprietary  to  MyCo  is  ‘privileged’ 
and  ‘confidential’  and  intended  for  use 
only  by  the  individual  or  entity  to  which  it 
is  addressed. You  are  notified  that  any  use, 


Automatic  and  thus  meaningless 


copying  or  dissemination  of  the  informa¬ 
tion  contained  in  the  E-MAIL  in  any  man¬ 
ner  whatsoever  is  strictly  prohibited.” 

I  asked,  semipolitely  why  a  message  sent 
to  a  public  list  would  include  a  trailer 
claiming  that  the  e-mail  contained  propri¬ 
etary,  privileged  and  confidential  informa¬ 
tion.  The  sender  responded:  “It’s  company 
policy” and  that  all  e-mail  sent  by  anyone  in 
the  company  gets  the  trailer  added  auto¬ 
matically  by  the  mail  system. 

I  was  told  in  another  case  that  company 
policy  said  an  employee  could  not  get  a 
private  e-mail  address  elsewhere  (such  as 
Hotmail)  to  use  when  working  with  public 
mail  lists  to  avoid  the  trailers. 

This  means  that  company  lawyers  are  not 
doing  their  jobs  and  that  there  has  been  a 
triumph  of  form  over  substance.  The 
lawyers  have  substituted  an  automatic,  and 
mostly  invisible,  technical  solution  to  a  real 


process  problem.  In  doing  so  they  have  left 
the  problem  unsolved. 

The  use  of  the  trailer  in  the  cited  case  is 
meaningless  at  best.You  cannot  send  mail 
to  a  public  mailing  list  and  somehow  put  a 
legal  responsibility  on  the  readers  of  that 
list  not  to  disseminate  the  message.  Nor 
can  you  keep  the  mailing  list  operator  from 
archiving  messages  sent  to  the  list.  Both  of 
these  actions  would  be  violations  of  the 
above  trailer. 

The  first  time  I  saw  this  type  of  trailer  was 
on  mail  addressed  to  me  from  a  lawyer.  I 
can  see  the  possible  utility  of  such  a  trailer 
in  that  situation,but  even  there  I’m  not  sure 
that  I  would  be  bound  by  its  requirements 
if  the  letter  was  unsolicited,  and  I  had  no 
previous  relationship  with  the  lawyer. 

It  can  be  a  real  problem  when  confiden¬ 
tial  e-mail  gets  sent  to  the  wrong  person, 
and  it’s  reasonable  to  try  to  protect  oneself 


www.nwfusion.com 


in  case  this  happens.  But  it  seems  to  me 
that  overuse,  and,  in  particular,  automatic 
use  in  clearly  inappropriate  cases  reduces 
the  legal  strength  of  any  admonition.  So  at 
least  there  should  be  a  way  to  let  the  sys¬ 
tem  know  that  you  are  sending  mail  to  a 
public  forum  so  as  to  avoid  appending  the 
trailer. 

I  would  worry  about  other  aspects  of  any 
company  that  does  this  type  of  automatic 
trailer  addition.  If  the  lawyers  decided  not 
to  think  about  the  details  of  the  issues  in 
this  case,  what  else  have  they  skipped  over? 

Disclaimer:  Harvard  Law  School  does 
not,  to  my  knowledge,  offer  classes  in  skip¬ 
ping  —  so  the  above  observation  is  my 
own  nonlegal  one. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 


Adorno  bolsters  speech-recognition  product 


The  AdomoMobile  Communications  Server  appliance  plugs 
into  a  PBX  and  links  to  a  local  Microsoft  Exchange  server  to 
provide  phone-based  access  to  e-mail. 


■  BY  ELLEN  MESSMER 

CUPERTINO,  CALIF  —  Adorno, 
whose  speech-recognition  pack¬ 
age  lets  users  check  Microsoft 
Outlook  e-mail  via  phone,  is 
adding  a  way  for  business  users 
to  place  an  outbound  call  via 
Microsoft’s  Exchange  server  to 
answer  e-mail. 

The  dial-out  feature,  to  be 
included  in  the  second  version 
of  AdomoMobile  Commun¬ 
ications  Server  later  this  summer, 
will  provide  an  alternative  to 
Adorno’s  current  speech-activat¬ 
ed  response  to  e-mail,  which  lets 
a  user  dictate  a  digital-voice  mes¬ 
sage  that’s  stored  in  a  .WAV  file 
and  sent  to  a  recipient  who  can 
“listen”  to  it  on  a  multimedia  PC. 

“It  would  be  great  to  be  able  to 
do  this,”  says  Eric  Manuel,  deputy 
director  in  IS  at  the  National 
Renewal  Energy  Laboratory 
(NREL).the  Department  of  Energy 
lab  in  Golden,  Colo.,  about  the 
idea  of  placing  an  outbound  call 
via  e-mail.  NREL  installed  Adomo- 
MCS  four  months  ago  to  let 
employees  access  e-mail  via  the 
phone.  “Folks  using  this  need  to 
have  access  to  their  e-mail  while 
traveling  or  just  in  the  middle  of 
traffic  somewhere,”  he  says. 

AdomoMCS,  which  costs 
$12,000  for  50  to  100  users,  is  a 
server  appliance  that  plugs  into  a 
corporate  PBX  and  corporate 
LAN  for  access  to  a  local  Ex¬ 
change  server.  Using  a  phone,  a 
user  calls  a  business  number  re¬ 
served  for  the  AdomoMCS 
speech-recognition  server.  The 
caller  then  authenticates  his  iden¬ 
tity  by  speaking  his  user  ID  and 


personal  identification 
number. 

Once  authenticated 
to  AdomoMCS,  the  user 
gets  to  hear  his  e-mail 
read  to  him.  That  re¬ 
citation  could  be  limit¬ 
ed  to  just  the  sender’s 
name  and  mail  subject 
line  or  the  entire  text  message. 
Adorno  doesn’t  read  attachments. 

Users  can  tell  Adorno  to  delete 
mail.  Or  they  may  answer  it  by 
recording  a  digital  voice  message 
that’s  attached  as  a  .WAV  file  that 


■  BY  CAROLYN  DUFFY  MARSAN 

LEXINGTON,  MASS.  —  Ipswitch 
will  this  week  ship  a  new  version 
of  its  Windows-based  email  serv¬ 
er  software  that  lets  companies 
scan  outbound  messages  for 
spam,  viruses  and  inappropriate 
content.  The  new  features  are 
designed  for  network  managers 
who  are  concerned  about  legal 
liabilities  from  email  sent  by  their 
employees. 

IMail  Server  7.1  lets  network 
administrators  establish  complex 
rules  for  outbound  email  similar 
to  the  rules  already  available  for 
filtering  inbound  email.  Many 
other  email  server  software  pack¬ 
ages  require  plug-ins  or  third- 
party  offerings  to  filter  outbound 
email. 

IMail  Server  7.1  can  scan  out¬ 
bound  messages  and  attach¬ 
ments  for  words  and  phrases 
associated  with  viruses,  obscene 


can  be  heard  by  the  recipient  on 
a  multimedia  PC.  Linux-based 
AdomoMCS  makes  use  of  the 
World  Wide  Web  Consortium’s 
Voice  XML  standard  to  perform 
the  text-to-speech  conversion. 


language  and  confidential  infor¬ 
mation.  It  can  stop  messages  with 
large  attachments  or  executables, 
and  it  can  prohibit  mail  being 
sent  to  specific  domains  such  as 
competitors.  Administrators  can 
set  different  rules  for  different 
groups  of  users.  Messages  that 
break  the  outbound  rules  are 
automatically  quarantined  or 
redirected  to  senior  managers, 
with  a  warning  sent  to  the  end 
user. 

“People  are  going  to  be  gushing 
about  the  outbound  rules,”  says 
beta  tester  Sandy  Whiteman,  a 
senior  systems  engineer  with 
Cypress  Integrated  Systems, a  mail 
systems  integrator  in  New  York 
that  uses  and  recommends  IMail 
Server. 

“Companies  will  be  able  to  filter 
any  part  of  a  message  to  make 
sure  mail  is  not  going  to  their 
main  competitors  or  to  lifestyle 
sites,  Hotmail  or  Yahoo  accounts,” 


The  AdomoMCS 
doesn’t  need  to  match 
particular  voice  pat¬ 
terns,  says  Jeff  Snider, 
Adorno’s  CEO  and  co¬ 
founder.  Before  co¬ 
founding  Adorno  in 
1999  with  CFO  Jesper 
Stroe,  Snider  was  vice 
president  of  enterprise  sales  at 
Ericsson.  Earlier,  the  two  founded 
TouchWave,  a  start-up  whose 
voice-over-IP  gateway  was  sold  to 
Ericsson,  which  markets  it  as  the 
WebSwitch. 


Whiteman  says.They’ll  be  able  to 
search  for  corporate  secrets, 
names  of  competitors,  names  of 
internal  projects  as  well  as  spam 
and  porn.” 

Other  new  features  of  IMail 
Server  7.1  include  support  for 
128-bit  encryption  and  an  im¬ 
proved  administration  interface 
with  drop-down  menus  and 
checkboxes  that  make  it  easier  to 
customize  the  software. 

Whiteman  already  has  migrated 
his  10-person  company  to  IMail 
Server  7.1,  and  he  expects  the 
company’s  half-dozen  customers 
who  use  IMail  to  transition  to  the 
new  version,  too. 

Ipswitch  remains  one  of  the 
low-cost  leaders  with  the  latest 
version  of  IMail  Server,  analysts 
say  The  software  sells  for  $1,000 
for  up  to  250  users,  $1,500  for  up 
to  1,000  users  and  $2,000  for 
unlimited  use. 

IMail  Server  offers  Web-based 


Adorno  has  been  easy  to  set  up 
to  work  with  Exchange  5.5  and 
2000,  according  to  Keith  Hannah, 
network  administrator  at  the 
Institute  of  Child  Health  Policy  at 
the  University  of  Florida,  which 
has  used  phone-based  email 
access  since  AdomoMCS  came 
out  in  beta-test  version  last  year.  It 
requires  no  special  programming. 

Hannah  says  he  has  seen  only  a 
few  other  products,  primarily 
from  IBM  and  Lucent,  that  provide 
phonebased  access  to  email. 

Adorno:  www.adomo.com 


messaging  and  calendaring,  but 
none  of  the  other  features  of 
groupware  tools  such  as  Micre 
soft  Exchange  and  Lotus  Notes. 
While  IMail  Server  comes  with 
Web  mail  client  software,  the  soft¬ 
ware  typically  works  with  other 
email  client  packages  including 
Microsoft  Outlook,  Netscape 
Messenger  and  Eudora. 

IMail  Server  supports  all  the  key 
email  standards  including  Sim¬ 
ple  Message  Transfer  Protocol, 
Post  Office  Protocol,  Internet 
Message  Access  Protocol  and 
Lightweight  Directory  Access 
Protocol. 

Customers  of  IMail  Server  in¬ 
clude  ISPs,  small  and  midsize 
businesses,  and  large  organiza¬ 
tions  with  mobile  workers  such 
as  the  U.S.  Army.  Company  offi¬ 
cials  say  they  have  49.5  million 
users,  half  of  whom  are  over¬ 
seas. 

Ipswitch:  www.ipswitch.com 


Ipswitch  adds  outbound  mail  filtering  to  IMail 
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Dne  architecture.  Dne  switch  fa mily. 

One  solution  encompasses  your  entire  enterprise. 


■  •^Se'y-antstt 


The  first  complete  enterprise  wiring  closet,  LAN  core,  and  data  center  solution. 

Foundry  Networks’  Fastlron  Layer  2/3  switches  let  you  deploy  a  sinule  architecture  .  . ^  ""\T„ 

JetCoreY 

enterprise-wide  that  yields  higher  performance,  better  ROI,  and  lower  Total  Cost  As,c  — 

of  Ownership.  Fastlrons  have  unparalleled  port  density:  up  to  672  10/100  ports,  232  Gigabit  Ethernet 
ports,  or  14  10-Gigabit  Ethernet  ports  in  a  single  modular  system.  Featuring  sFlow,  Fastlron  switches 
provide  wire-speed  network  monitoring.  Plus  the  Fastlrons  offer  superior  QoS  and  multicast  capabil¬ 
ities,  wire-speed  bandwidth  management,  and  IronShield  security.  Learn  more  about  Fastlron  today  at: 
1.888.4  UR13C  LAN  (887-2652)  or  www.foundrynetworks.com/fi. 
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THIS  IS  YOUR  PRIVATE  FORCE  FIELD,  IMPERVIOUS 
TO  PEEPERS,  HACKERS  AND  X-RAY  VISION. 


This  is  the  Qwest  Virtual  Private  Network.  People  obsessed  with  privacy. 
Firewalls  and  security  standards  built  into  the  Qwest  OC-192  network,  one 
of  the  most  advanced  broadband  networks  in  the  world.  Keeping  your 
information  for  your  eyes  only.  This  is  securely  reconfiguring  your  network 
in  the  blink  of  an  eye.  This  is  you  sleeping  through  the  night  without  the 
cold  sweats.  This  is  realizing  private  isn't  private  enough  anymore.  This  is 
one  reason  more  than  half  of  the  Fortune  500®  ride  the  light. 
qwest.com  1-800-RIDE-QWEST  1-800-743-3793  ext  1315 


Voice  Solutions 


Data  Solutions 


Internet  Solutions 

I-  Virtual  Private  Network 


Managed  Solutions 


Q 


ride  the  light 

west 


Qwest  provides  Network  VPN  connectivity  in  the  United  States  and  select  countries  around  the  world.  In  the  states  ot  A Z,  CO,  IA,  ID,  MN,  MT.  NO,  NE.  NM.  OR.  SO,  UT,  WA  and  WY.  Qwest  provides  Internet  services  in  coniunction  with  a  separate  Global 
Service  Provider  (GSP)  that  provides  customers  connectivity  to  the  global  Internet.  Minimum  one-year  term  ot  commitment.  Local  loop  service,  additional  customer  equipment,  and  installation  additional.  ©2002  Qwest  Communications  International  Inc 
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Cisco  AWID  Partner  Program 


IN  A  WORLD  FULL  OF  ACRONYMS  AND  JARGON, 
I  often  wonder  if  the  simplicity  of  an  architectural 
approach  to  technology  solutions  gets  lost.  According 
to  the  Merriam-Webster  Collegiate  Dictionary,  a  definition  of 
the  word  architecture  is  "a  unifying  or  coherent  form  or 
structure."  Cisco  AVVID  (Architecture  for  Voice,  Video 
and  Integrated  Data)  is  an  acronym  that  describes  an 
architectural  approach  to  technology  that  unifies. 

Today  s  Internet  business  solutions  require  an  intelligent 
network  infrastructure,  and  Cisco  AWID  provides 
the  industry  an  enterprise-wide,  standards- based  net¬ 
work  architecture.  Cisco  AVVID  delivers  the  road 
map  for  unifying  business  and  technology  strategies 
into  one  cohesive  model. 

However,  as  the  economy  changes  and  savvy 
companies  change  with  it,  clearly  one  cannot  live 
and  work  in  a  vacuum.  Working  with  partners  is 
crucial  to  success  and  critical  in  meeting  changing 
customer  needs. 

The  Cisco  AVVID  Partner  Program  is  an  interoperabil¬ 
ity  testing  and  co-marketing  program  enabling  leading 
product  and  services  firms  to  deploy  innovative  e-business 
solutions.  The  program  provides  enterprise  customers 
with  information  regarding  Cisco  AVVID  partner  prod¬ 


ucts  and  services  that  an  independent  testing  facility  has 
tested,  verified  and  found  to  interoperate  with  a  specified 
version  of  Cisco  networking  technology.  Enabled  by 
Cisco  AVVID  and  key  partners,  these  solutions  foster 
innovation,  drive  industry  standards,  and  accelerate  the 
integration  of  business-critical  technologies  with  an  open, 
standards-based  network  architecture. 

The  seven  technology  solution  areas  in  the  Cisco 
AVVID  Partner  Program  are:  Content  Networking, 
Customer  Contact,  IP  Telephony,  IP  Videoconferencing, 
Network  and  Service  Management,  Security  and  VPN, 
and  Storage  Networking. 

The  next  few  pages  will  talk  about  ten  Cisco  AVVID 
partners,  along  with  their  customers,  as  they  speak  to  the 
success  and  simplicity  of  an  architectural  approach  to 
technology  solutions  and  the  many  benefits  attained  by 
working  together  through  the  Cisco  AVVID  Partner 
Program. 

Best  Regards, 

Michael  Swailes 

Director,  Enterprise  Marketing 

Cisco  Systems,  Inc. 


Total  Infrastructure  Support 


Today,  your  job  as  a  Network  Executive 

is  all  about  return  on  investment. You  must  ensure 
that  every  dollar  spent  on  technology  helps  your 
company  do  business  better,  faster  and  easier  than  ever 
before.  There  are  several  things  you  can  do  to  guar¬ 
antee  success. 

The  first  is  to  build  a  network  infrastructure  that 
is  capable  of  supporting  a  whole  range  of  applica¬ 
tions  and  services  like  VoIP,  unified  messaging,  cus¬ 
tomer  relationship  management,  e-commerce  and 
QoS.  This  requires  a  road  map  for  a  comprehensive 
network  architecture  that  provides  interoperability, 
addresses  quality  and  end-to-end  security,  covers 
management  and  monitoring,  and  paves  the  way  for 
future  services  that  we  have  yet  to  envision. 

Second,  find  partners  who  can  help.  With  a  myriad  of 
complex  technologies  and  issues,  it’s  far  easier  to  accom¬ 
plish  your  goals  with  skilled  and  knowledgeable  partners 
who  can  not  only  provide  the  equipment  and  software, 
but  who  also  understand  the  overarching  architecture. 


One  company — Cisco  Systems — is  building  total 
infrastructure  solutions  via  technology  partners,  and  then 
forging  relationships  with  Network  Executives  to  help 
them  implement  their  network  strategies  and  achieve 
their  business  and  ROI  goals.  The  Cisqp  AVVID  Partner 
Program  includes  partners  and  products  that  are  focused 
on  delivering  speed,  reliability,  cost  reduction  and  inter¬ 
operability  to  their  customers.  With  over  200  partners, 
and  growing,  the  Cisco  AVVID  Program  enables  tech¬ 
nologies  such  as  voice  and  video,  content  networking, 
VPNs,  security,  optical  networking  solutions  and  more. 
Read  on  to  learn  about  some  of  the  products,  services 
and  solutions  available  from  the  Cisco  AVVID  Program 
and  its  partners. 

Best  Regards, 

Evilee  Thibeault 
Publisher  &  CEO 
Network  World 
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IP  Contact 
Solution 
Answers 
the  Call 


arc 


A  new  software-based  contact  center 
positions  Contact  III  for  growth 


Brokerage 
Security  Is 
Right  on  the 

Money  ubizen 

KBC  Securities  turns  to  vve  secure  e-business 

a  managed  security  service  provider  to 
monitor  its  online  trading  system 


Contact  III,  a  unit  of  Pertemps,  a  large  U.K.- 

based  recruitment  agency,  had  a  humble  begin¬ 
ning — the  business  provided  contact  center 
services  with  a  few  agents  working  from  a  basement. 
About  the  time  the  company  had  evolved  to  55  seats 
over  two  offices.  Contact  III  faced  a  sudden  growth 
spurt.  Contact  Ill’s  largest  customer  needed  the  provider 
to  nearly  double  its  contact  center  capacity,  under  a  very 
tight  deadline.  Finding  the  right  contact  center  system 
was  paramount.  Moving  quickly,  the  Contact  III  team 
decided  on  a  “soft”  or  IP  contact  center,  based  on  a 
unique  combination  of  Cisco  CallManager  and  an  auto¬ 
matic  call  distribution  sys¬ 
tem  (ACD)  from  ARC 
Solutions,  a  Cisco  AVVID 
IP  Telephony  partner.  Calls 
are  now  routed  to  agents 
based  on  skill  level,  rather 
than  just  availability,  and  the 
center  can  handle  e-mail 
and  Web  inquiries  in  addi¬ 
tion  to  phone  calls.  Also, 
the  contact  center  manager 
has  a  host  of  reports  avail¬ 
able  at  a  few  clicks  of  the 
mouse.  Due  to  the  Cisco 
and  ARC  Solutions  IP 
Telephony  deployment. 
Contact  III  has  expanded 
to  a  flexible,  scalable,  fully 
featured  contact  center  that  is  better  able  to  serve  its  cus¬ 
tomers’  ever-changing  needs.  And  being  poised  for  future 
growth  is  a  value-add  for  any  business. 


Due  to  the  Cisco 
and  ARC  Solutions 
IP  Telephony 
deployment, 
Contact  III  has 
expanded  to  a 
flexible,  scalable, 
fully  featured 
contact  center 
that  is  better  able 
to  serve  its 
customers’ 
ever-changing 
needs. 


When  KBC  Securities,  Belgium’s  largest  broker¬ 
age  house,  launched  an  online  trading  applica¬ 
tion  two  years  ago,  security  was  the  overrid¬ 
ing  concern.  Like  most  financial  institutions,  KBC 
Securities  knew  it  could  not  afford  to  be  hacked  and 
break  trust  with  its  customers.  But  the  IT  organization 
was  aware  that  it  did  not  have  the  staffing  resources  to  take 
on  the  task  of  round-the-clock  monitoring  and  manage¬ 
ment  of  security  devices.  The  solution  for  KBC  Securities 
was  a  combination  of  Cisco  PIX®  firewalls  along  with 
Web  server  security  software  and  a  managed  security 
service  provided  by  Ubizen,  a  Cisco  security  and  VPN 
(virtual  private  network)  AVVID  partner.  The  Ubizen 

OnlineGuardian®  managed 


The  result  of  this 
relationship  between 
Cisco  and  Ubizen  is 
a  highly  secure  trading 
operation — with  no 
breaches  in  more 
than  two  years  of 
operations. 


security  service  provides 
24x7,  follow-the-sun  mon¬ 
itoring  and  management  of 
all  of  KBC  Securities’  fire¬ 
walls  from  security  opera¬ 
tions  centers  in  Europe  and 
the  United  States.  KBC 
Securities  also  installed 


Ubizen  DMZ/Shield™,  an 
application-level  firewall  designed  to  stop  malicious  attacks 
such  as  the  “Code  Red”  virus  as  well  as  denial-of-service 
attacks,  buffer  overflows  and  mere  password  snooping.  The 
result  of  this  relationship  between  Cisco  and  Ubizen  is  a 
highly  secure  trading  operation — with  no  breaches  in 
more  than  two  years  of  operations.  The  added  benefits  are 
continuous  coverage  at  about  half  of  what  it  would  cost 
KBC  Securities  to  monitor  and  manage  the  system  itself, 
as  well  as  increased  customer  confidence  in  the  security  of 
KBC  Securities’  Web  site. 


The  ARC  Solutions-Cisco  AVVID  IP 
Telephony  solution  for  Contact  III  can 
be  found  at: 

www.nwfusion.com/go/contact3 


The  Ubizen-Cisco  AWID  Security 
Services  solution  for  KBC  Securities 
can  be  found  at: 
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Authentication 

Is  Good  SECURE 

Medicine  computing 


Kindred  Healthcare’s  remote  access 
solution  enhances  patient  care  while 
protecting  privacy 


Kindred  Healthcare,  a  provider  of  long-term 

healthcare  services,  operates  hospitals  and  nursing 
homes  in  43  states  and  manages  53,000  employ¬ 
ees.  The  Louisville,  Kentucky-based  organization  knew  it 
needed  a  better  remote  access  method  for  mobile 
employees.  Physicians  and  administrative  personnel  who 
needed  to  access  network  applications  away  from  the 
office  were  frustrated  by  the  dial-up  access  method  they 
were  using.  In  particular,  dial-up  was  too  slow  for  doctors 
to  transmit  x-rays  and  other  high-bandwidth  images  from 
remote  locations.  Creating  a  secure  virtual  private  net¬ 
work  (VPN)  over  the 

With  this  two-factor 
authentication  system, 
along  with  state-of-the- 
art  security  technology 
from  Cisco,  Kindred 
Healthcare  is  in  a  good 
position  to  meet  HIPAA 
requirements. 


public  Internet  seemed 
an  obvious  choice. 
Kindred  Healthcare 
turned  to  Cisco  Systems 
and  Cisco  AVVID  part¬ 
ner  Secure  Computing 
for  an  end-to-end  solu¬ 
tion.  Cisco  supplied  the 
Cisco  VPN  3015 


Concentrator,  Cisco  Secure  Access  Control  Server  (ACS) 
and  Cisco  PIX®  firewalls,  while  Secure  Computing  pro¬ 
vided  Safe  Word™  Premier  Access™,  a  user  authentica¬ 
tion  and  authorization  technology.  With  this  two-factor 
authentication  system,  along  with  state-of-the-art  security 
technology  from  Cisco,  Kindred  Healthcare  is  in  a  good 
position  to  meet  the  requirements  of  the  Health 
Insurance  Portability  and  Accountability  Act  (HIPAA) , 
which  mandates  that  providers  demonstrate  robust  securi¬ 
ty  of  patient  records  by  April  2003. The  solution  also 
enables  Kindred  Healthcare  doctors  to  provide  more  effi¬ 
cient,  more  responsive  care  to  their  patients,  a  payback 
that’s  invaluable. 


Filtering: 

It’s  Academic 


Midway  Independent  Schools  provide  a 
broad  set  of 
acceptable  sites 
to  students  while  maximizing  bandwidth 


EMPLOYEE  INTERNET  MANAGEMENT 


The  Texas  Midway  Independent  School  District 

needed  a  way  to  safeguard  its  students  from  some 
of  the  adult  and  inappropriate  content  on  the 
Web.  Rather  than  trying  to  continually  monitor  individual 
Internet  access  from  all  1,200  of  its  student  workstations, 
Midway  chose  a  solution  that  combines  the  Cisco  PIX® 
Firewall  and  Cisco  Content  Engine  from  Cisco  Systems 
with  Internet  filtering  software  from  Websense,  a  member 
of  the  Cisco  AVVID  Partner  Program  for  security  and  vir¬ 
tual  private  networks  (VPNs).  Websense  Enterprise  soft¬ 
ware  works  with  the  Websense  Master  Database,  which 
consists  of  3.4  million  Web  sites,  providing  students  with 
an  array  of  approved  content  while  protecting  them  from 
unapproved  material. These  safety  measures  also  protect 

the  district's  federal  funding, 
which  would  be  in  jeopardy 
if  the  school  system  were 
found  to  be  in  violation  of 
the  Children's  Internet 
Protection  Act  (CIPA).The 
act  mandates  that  schools 
take  specific  precautions 
regarding  Internet  access.  In 
addition,  the  Cisco  and 
Websense  solution  includes 
a  reporting  rpechanism  that 
enables  the  school  district  to 
track  where  users  spend 
their  time  and  spot  when 
someone  tries  to  get  to  a 
banned  site.  The  Cisco  AVVID  relationship  between  Cisco 
and  Websense,  which  includes  product  interoperability 
testing  to  meet  the  Cisco  AVVID  interoperability  require¬ 
ments,  enables  Midway  students  to  safely  mine  the  rich 
resources  of  the  Internet. 


The  Cisco  AVVID 
relationship  between 
Cisco  and 
Websense,  which 
includes  product 
interoperability  test¬ 
ing  to  meet  the 
Cisco  AVVID  interop¬ 
erability  require¬ 
ments,  enables 
Midway  students  to 
safely  mine  the  rich 
resources  of  the 
Internet. 


The  Secure  Computing-Cisco  AVVID 
Security  and  VPN  solution  for  Kindred 
Healthcare  can  be  found  at: 


The  Websense-Cisco  AWID  Security, 
Content  Networking  and  Internet  filter¬ 
ing  solution  for  the  Texas  Midway 
Independent  School  District  can  be 
found  at:  www.nwfusion.com/go/midway 
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Fighting 

Infection 


A  multivendor  security  infrastructure  helps 
a  New  York  healthcare  provider  keep  its 
patient  data  safe 

New  York  City  Health  and  Hospitals  Corp. 

(NYCHHC) — the  largest  municipal  healthcare 
provider  in  the  country — needed  to  strengthen 
network  security.  The  date  was  approaching  when  all 
healthcare  providers  would  have  to  comply  with  the 
Health  Insurance  Portability  and  Accountability  Act 
(H1PAA),  which  mandates  the  privacy  and  security  of 
patient  data.  Also,  NYCHHC  was  not  doing  any  intrusion 
detection  on  its  corporate  wide-area  network  (WAN), 
leaving  it  vulnerable  to  attack.  NYCHHC  turned  to  a 
group  of  companies  that  could  deliver  an  end-to-end  net¬ 
work  security  solution.  The  companies  included  Cisco 
Systems;  netForensics,  a  Cisco  AVVID  partner  for  security 
and  virtual  private  networks  (VPNs);  Dimension  Data,  a 
Cisco  Global  Partner;  and  integrator  Computer  Horizons 
Corp.  The  solution  included  intrusion  detection  sensors, 

firewalls,  and  VPN  hard¬ 
ware  and  software.  The 
intrusion  detection  sys¬ 
tem  proved  its  worth 
during  the  pilot,  when 
the  centralized  team 
noticed  a  high  number  of 
authorization  failures  at  a 
remote  site.  That  site’s 
network  was  under 
attack  from  the  now- 
infamous  Sircam  virus, 
which  the  team  confined 
to  just  one  facility.  NYCHHC  is  now  looking  at  adding 
host-based  intrusion  detection  from  Cisco  and  Triple  Data 
Encryption  Standard  (3DES)  encryption  to  its  network. 

The  superior  technology — and  first-class  teamwork — from 
Cisco  and  its  AWID  partner  netForensics  have  strength¬ 
ened  the  privacy  and  security  of  NYCHHC’s  network 
while  positioning  it  to  meet  HIPAA  regulations. 


The  superior 
technology — and 
first-class 

teamwork — from  Cisco 
and  its  AWID  partner 
netForensics  have 
strengthened  the  privacy 
and  security  of 
NYCHHC’s  network  while 
positioning  it  to  meet 
HIPAA  regulations. 


Law  Firm  Bars 
Intruders  from 
Network  cwrocsrd 


Secure  Password 


Pitney ;  Hardin,  Kipp 
&  Szuch  uses  authentication  system 
to  strengthen  security 


TECHNOLOGY 


One-hundred-year-old  law  firm  Pitney,  Hardin, 

Kipp  &  Szuch  (PHKS)  needed  to  strengthen  its 
network  security.  The  firm  turned  to  the  Cisco 
Secure  Access  Control  Server  (ACS)  and  PIX®  Firewall 
from  Cisco  Systems  to  shore  up  the  security  of  its  basic 
network  infrastructure.  The  next  challenge  was  to  find  a 
user  authentication  system.  Basic  password  protection  was 
not  enough,  because  passwords  can  be  compromised  and 
are  vulnerable  to  Internet  hackers.  PHKS  discovered 

CRYPTOCard  Corp.,  a 
Cisco  security  and  virtual 
private  network  (VPN) 
AVVID  partner.  Thanks  to 
Ciscos  long-term  relationship 
with  CRYPTOCard,  the 
PHKS  team  felt  comfortable 
entrusting  its  authentication 
needs  to  a  Cisco  partner. 
Another  important  factor  in 
PHKS’  choice  was  that  Cisco  and  CRYPTOCard  had 
already  had  their  products  tested  to  meet  the  Cisco  AWID 
Partner  Program  interoperability  criteria,  so  they  knew  that 
their  products  would  work  together.  The  CRYPTOCard 
system,  called  CRYPTOAdmin,  uses  both  hardware-  and 
software-based  tokens.  Users  first  enter  their  personal  identi¬ 
fication  numbers,  and  then  the  token  generates  a  random 
password  that  allows  them  to  access  the  network  one  time 
only.  Most  of  PHKS’  remote  users  utilize  the  software 
token,  though  about  one-quarter  of  the  workers  need  the 
hardware  token  because  they  switch  among  multiple 
machines.  As  the  firm  grows,  PHKS  expects  its  remote  user 
population  to  grow,  too.  With  the  Cisco  and  CRYPTOCard 
technology  in  place,  PHKS  is  confident  that  intruders  will 
be  thwarted  in  any  attempts  to  log  on  to  the  network. 


With  the  Cisco 
and  CRYPTOCard 
technology  in  place, 
PHKS  is  confident 
that  intruders  will  be 
thwarted  in  any 
attempt  to  log  on  to 
the  network. 


The  netForensics-Cisco  AWID 
Security  and  VPN  solution  for 
NYCHHC  can  be  found  at: 


The  CRYPTOCard-Cisco  AWID  Security 
Services  solution  for  Pitney,  Hardin, 
Kipp  &  Szuch  (PHKS)  can  be  found  at: 
www.nwfusion.com/go/phks 
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Network  on 
the  Prairie 

North  Dakota’s  statewide  integrated 
data  and  video  tt 

*  u  POLYCOM 

network  unites  WV 

rural  areas  and  achieves  economies 

of  scale 


VPN 
Fits  the 
Prescription 


SECURITY" 


Tri Health’s  upgraded  network  reduces 
costs,  improves  healthcare  and  protects 
patient  privacy,  a  HIPAA  mandate 


North  Dakota’s  mostly  rural  population  of 

650,000  is  scattered  across  mainly  small-town 
communities.  In  1999,  the  North  Dakota  State 
Legislature  passed  Senate  Bill  2043  mandating  construc¬ 
tion  of  a  statewide  network  that  could  carry  integrated 
data  and  video  communications.  The  resulting  network, 
built  atop  Cisco  AVVID  from  Cisco  Systems,  is  based 
on  ATM  technology  and  includes  quality-of-service 
(QoS)  capabilities.  Videoconferencing  is  made  possible 
by  iPower™  and  ViewStation™  equipment  from 
Polycom,  a  Cisco  AVVID  partner.  The  integrated  IP 
QoS  over  ATM  network  has  already  improved  the 
state’s  educational  resources  and  strengthened  its  ties  to 

the  outside  world.  In 
counties  that  share  a 
single  judge,  for  exam¬ 
ple,  a  20-minute 
arraignment  can  be 
held  without  requir¬ 
ing  the  judge  to  drive 
two  hours  into  a 
neighboring  county. 
The  11  colleges  and 
universities  in  the 
state’s  higher  educa¬ 
tion  system  can  hold 
many  simultaneous  full-motion  instructional  sessions. 
Governor  John  Hoeven  even  used  the  network  last 
January  for  an  interactive  broadcast  of  his  State  of  the 
State  address.  As  a  result  of  the  Cisco/Polycom  relation¬ 
ship,  North  Dakota’s  rural  residents  who  hunger  for 
more  education  and  information  don’t  have  to  travel 
farther  than  their  computers. 


As  a  result  of  the 
Cisco/Polycom 
relationship,  North 
Dakota’s  rural 
residents  who  hunger 
for  more  education 
and  information 
don’t  have  to  travel 
farther  than  their 
computers. 


TriHealth,  Inc.,  a  major  healthcare  provider  in  the 
tri-state  area  of  Ohio,  Indiana  and  Kentucky, 
needed  a  better  way  to  provide  remote  offices 
and  mobile  physicians  access  to  its  wide-area  network 
(WAN). The  company’s  128-kbps  Frame  Relay  network 
was  expensive,  and  56-kbps  dial-up  access  was  the  only 
option  for  remote  users.  And  both  access  methods  were 
too  slow  for  transmitting  x-ray  images — a  capability  the 
doctors  were  demanding.  In  addition,  new  requirements 
based  on  the  Health  Insurance  Portability  and 
Accountability  Act  (HIPAA)  would  soon  mandate  all 
healthcare  providers  to  demonstrate  enhanced  privacy 

and  security  of  patient 


Now  doctors  can 
tap  safely  into 
the  VPN  from 
anywhere  to 
view  and  share 
bandwidth-intensive 
files. 


records.  All  these  factors 
added  up  to  a  compelling 
case  for  an  upgrade,  and 
security  was  paramount. 
TriHealth  installed  virtual 
private  networks  (VPNs), 
intrusion  detection  system 
(IDS)  sensors  and  firewalls 

from  Cisco  Systems.  Cisco  AVVID  partner  RSA  Security 
supplied  the  RSA  SecurlD®  state-of-the-art  user 
authentication  system.  Thanks  to  the  strong  relationship 
between  Cisco  and  RSA  Security,  the  new  infrastructure 
provided  immediate  value-add:  Hardware  and  mainte¬ 
nance  costs  for  the  VPN  are  50  percent  lower  than  for 
Frame  Relay.  The  monthly  service  charges  are  33  percent 
lower.  Remote  users  have  speedier,  more  efficient  access. 
And  now  doctors  can  tap  safely  into  the  VPN  from  any¬ 
where  to  view  and  share  bandwidth-intensive  files. 
Healthier  patients — and  well-equipped  doctors — are  the 
ultimate  return  on  investment. 


The  Polycom-Cisco  AVVID  IP 
Videoconferencing  solution  for  the 
state  of  North  Dakota  can  be  found 
at: 


The  RSA  Security-Cisco  AWID 
Security  and  VPN  solution  for  TriHealth 
can  be  found  at: 
www.nwfusion.com/go/trihealth 
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Safety  Makes 
the  Grade 


Walker  County 
Schools  tap 
Internet  filtering 
device  to  keep  inappropriate 
content  at  bay 


INTERNET  FILTERING 


Closing  the 
Barn  Door 
on  Hackers 

Wells’  Dairy  protects  its 
assets  with  a  VPN  and 
Sygate  personal  firewalls 
on  mobile  workers’  laptops 


SYGATE 


or  years,  the  teachers  and  students  ofWalker 
County  Schools  in  northwest  Georgia  were 
forced  to  sit  out  most  of  the  Internet  revolution. 
Because  of  spotty  Web  access,  teachers  avoided  including 
the  Internet  in  their  lesson  plans.  When  the  county 
elected  to  install  a  wide-area  network  (WAN)  for  high¬ 
speed  Internet  access,  the  next  decision  to  make  was 
which  filtering  solution  would  best  protect  the  children 
from  noneducational  content  and  secure  the  school  dis¬ 
trict’s  federal  funding.  In  accordance  with  the  Childrens 
Internet  Protection  Act  (CIPA),  which  had  not  yet  been 
finalized  at  that  point,  schools  that  receive  federal  funds 

must  demonstrate  an 
Internet  usage  policy 
and  filter  any  ques¬ 
tionable  content.  The 
solution  was  a  WAN 
built  with  Cisco 
AVVID  components, 
including  Cisco 
routers  and  the  Cisco 
PIX®  Firewall.  For 
its  filtering  solution. 
Walker  County  chose 
a  hardware/ software  - 
based  Internet  filtering  appliance  from  N2H2,  a  Cisco 
AVVID  security  partner.  The  close  relationship  between 
Cisco  and  N2H2  has  produced  a  highly  reliable  and 
efficient  solution  for  Walker  County  Schools,  which 
can  finally  take  advantage  of  the  Internets  many  educa¬ 
tional  resources. 


The  close  relationship 
between  Cisco  and 
N2H2  has  produced 
a  highly  reliable  and 
efficient  solution  for 
Walker  County 
Schools,  which  can 
finally  take  advantage 
of  the  Internet’s  many 
educational  resources. 


Wells’  Dairy  is  a  booming  ice-cream  maker 
headquartered  in  the  Midwest.  To  meet  the 
ever-growing  nationwide  demand  for  its  Blue 
Bunny  brand  ice  cream  and  dairy  products,  the  dairy  need¬ 
ed  a  better  way  to  knit  its  2,500  employees  closer  together, 
especially  their  regional  sales  managers  scattered  across  the 
country.  Wells’  Dairy’s  answer  was  to  implement  a  virtual 
private  network  (VPN),  substituting  the  free  Internet  for 
expensive  long-distance  phone  charges.  Wells’  Dairy  chose 

to  build  the  VPN  by  adher¬ 


Because  the  Cisco 
AWID  Partner 
Program  requires  that 
products  in  the  pro¬ 
gram  be  tested  to 
meet  its  interoperabil¬ 
ity  standards,  the  per¬ 
sonal  firewall,  Cisco 
VPN,  Cisco  PIX® 
Firewall  and  Cisco 
Secure  Access 
Control  Server  work 
together  to  authenti¬ 
cate  users  and  block 
intruders. 


ing  to  the  SAFE  Blueprint 
for  secure  networking  from 
Cisco  Systems,  part  of  Cisco 
AWID.  To  ensure  that  all 
end  devices  connected  to  the 
VPN  would  work  together, 
the  dairy  turned  to  Sygate 
Technologies,  a  Cisco 
AWID  security  and  VPN 
partner,  for  a  personal  desk¬ 
top  firewall  system.  Because 
the  Cisco  AWID  Partner 
Program  requires  that  prod¬ 
ucts  in  the  program  be  tested 
to  meet  its  interoperability 


standards,  the  personal  fire¬ 
wall,  Cisco  VPN,  Cisco  PIX®  Firewall  and  Cisco  Secure 
Access  Control  Server  (ACS)  work  together  to  authenti¬ 
cate  users  and  block  intruders.  Now  Wells’  Dairy  sales  man¬ 
agers  enjoy  faster  connections  while  its  IT  department  can 
rest  easy  that  its  network  is  secure. 


The  N2H2-Cisco  AWID  Security  and 
Internet  filtering  solution  for  Walker 
County  Schools  in  Georgia  can  be 
found  at: 


The  Sygate  Technologies-Cisco 
AWID  Security  and  VPN  solution 
for  Wells’  Dairy  can  be  found  at: 
www.nwfusion.com/go/wells 
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Cisco  AWID 

Partner  Solutions 


CONTENT  NETWORKING  optimizes 
the  delivery  and  management  of 
e-business  applications  and  services 

CUSTOMER  CONTACT  enhances 
customer  satisfaction  and  loyalty 
through  innovative  customer  care 
solutions 

IP  TELEPHONY  enables  new  world 
call  processing,  collaboration  and 
customer  interaction 


IP  VIDEOCONFERENCING  provides 
live  videoconferencing  collaboration 
between  desktops  and  conference 
room  systems 

NETWORK  and  SERVICE  MANAGE¬ 
MENT  delivers  tools  and  applications 
that  enable  the  deployment  of  man¬ 
agement  intranets 

SECURITY  and  VPN  offers  complete 
security  and  protection  for  networks 

STORAGE  NETWORKING  enables 
the  consolidation,  access  and 
sharing  of  storage  over  IP,  Gigabit 
Ethernet,  Fibre  Channel  and  optical 
networks 


Cisco  AWID  Partner 
Program  Highlights 

Developed  as  a  program  to  enable  the 
deployment  of  e-business  solutions  by  top 
product  and  services  vendors,  the  Cisco 
AWID  Partner  Program  uses  open  standards 
and  interfaces  to: 

■  Deploy  voice,  video  and  data  solutions  on 
a  standards-based  architecture 

■  Deliver  products  and  services  that  meet 
the  Cisco  AWID  Program  interoperability 
requirements 

■  Provide  co-marketing  with  partners 

■  Collaborate  through  development,  testing 
and  customer  support 


Customer  Benefits 

Customers  employing  solutions  within  the 

Cisco  AWID  Program,  combined  with  key 

partners,  can: 

■  Reduce  infrastructure  and  support  costs 

■  Easily  deploy  interoperable  solutions  that 
meet  the  Cisco  AWID  Program  require¬ 
ments  for  interoperability 

■  Maximize  IP  networks  for  multiple  appli¬ 
cations  and  services 

■  Accelerate  e-business  solution  imple¬ 
mentation 


www.cisco.com/go/avvidpartner 


I  he  Cisco  Systems  Verified  Logo  is  a  brand  that  indicates  a  partners  product,  technology  or  service  has  been 
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Carriers  beef  up  service-level  agreements 


Covad  makes  new  DSL  guarantees. 

■  BY  MICHAEL  MARTIN 

SANTA  CLARA  —  Covad  Communications  has  begun 
affering  broader  service-level  agreements,  a  move  that 
:ould  help  the  DSL  carrier  differentiate  its  services 
:rom  those  of  incumbents  if  it  can  deliver  on  its  lofty 
Dromises. 

Covad’s  new  SLAs,  which  went  into  effect  in  late  April, 
Drovide  DSL  service  guarantees  from  the  customer 
Dremises  to  the  point  where  traffic  hits  the  Internet. The 
:arrier’s  new  guarantees  address  installation  times  and 
availability  of  the  incumbent  local  exchange  carrier 
4  LEG)  loops  on  which  Covad’s  services  rely. 

Covad  previously  offered  SLAs  based  only  on  the 
availability  of  its  ATM  backbone. 

“We  felt  that  including  the  local  line  in  the  SLA  was 
important,”  says  Kimberly  Odom,  director  of  product 
support  for  Covad’s  wholesale  products.  “We’ve  man¬ 
aged  our  relationship  with  the  lLECs  for  a  while  now, 
and  that’s  why  we’re  confident  we  can  do  this.” 

Still,  observers  say  Covad  will  be  challenged  to  meet 
its  objectives  as  it  attempts  to  complete  the  comeback 
it  began  earlier  this  year  when  it  emerged  from  Chapter 
1 1  bankruptcy  protection. 

“It’s  hard  to  offer  a  firm  SLA  when  you’re  provisioning  off 

See  Covad,  page  44 


■  Application  service  provider  USinternetworking 
has  expanded  its  disaster-recovery  offerings  through 
a  partnership  with  SunGard  Recovery  Services. 

Through  the  partnership,  customers  receiving 
hosted  applications  from  USi  also  will  have  access 
to  SunGard's  disaster- recovery  expertise. 

Customers  can  choose  the  disaster- recovery  plan 
that  meets  their  needs,  deciding,  for  example, 
whether  they  want  backup  available  within  minutes 
or  days.  Pricing  was  not  immediately  available. 

■  AT&T  announced  last  week  that  it  is  expanding  the 
reach  of  its  dial-up  Internet  access  network  through 
a  partnership  with  Gric  Communications.  AT &T 
Business  Internet  Services  users  now  can  access 
AT&T’s  network  through  Gric’s  global  roaming  net¬ 
work  in  140  countries.  Previously,  AT&T's  network 
provided  local  access  in  59  countries.  Currently,  the 
global  dial-in  capabilities  currently  are  only  available 
to  customers  in  the  U.S.  AT&T  says  it  will  expand 
the  capability  internationally  later  this  year. 


Cable  &  Wireless  ups  latency  SLAs 

■  BY  DENISE  PAPPALARDO 

LONDON  —  Cable  &  Wireless  last  week  boosted  ser¬ 
vice-level  guarantees  for  its  dedicated  IP  customers 
around  the  globe. 

The  ISP  not  only  improved  its  latency  guarantees,  but 
also  extended  its  network  availability  service-level 
agreement  (SLA)  to  include  customers’  local  loop 
connection. 

While  it  can  be  confus¬ 
ing  with  ISPs  one-upping 
one  another  every  few 
months  with  latency,  pack¬ 
et  loss  and  network  avail¬ 
ability  SLAs,  these  are 
important  measuring 
sticks  for  customers,  says 
Michael  Suby,  senior 
research  analyst  at 
Stratecast  Partners. 

C&W  now  guarantees  that 
companies  will  not  experi¬ 
ence  more  than  50  msec  of 
latency  between  sites  in 
North  America,  putting  the 
carrier  ahead  of  its  prime 
competitors  (see  graphic). 

Genuity,  Sprint  and  World¬ 
Com  all  guarantee  cus¬ 
tomers  will  not  experience 
more  than  55  msec  of  laten¬ 
cy  between  sites  in  North 
America. 

C&W  says  it  can  offer  customers  improved  guarantees 
because  of  its  global  network  upgrades.  “We’re  consis¬ 
tently  looking  at  ways  to  improve  network  performance 
and  pass  that  along  to  customers.  Our  OC-192  upgrades 
allow  us  to  offer  stronger  guarantees  at  this  time,”  says 
John  McClosky,  senior  manager  for  Internet  access. 

The  carrier  has  upgraded  seven  switching  nodes  with 
Juniper  Networks’  160  routers  that  support  OC-192  and 
Multi-protocol  Label  Switching  technology  for  traffic 
engineering  improvements.  Those  cities  include  New 
York;  Washington,  D.C.;  London;  Paris;  Brussels,  Belgium; 
Amsterdam;  and  Frankfurt,  Germany. The  carrier  says  it 
will  upgrade  five  more  nodes  by  the  end  of  June. 

The  carrier  also  improved  its  SLA  in  Europe,  which 
now  guarantees  customers  will  not  experience  more 
than  50  msec  of  latency  between  sites.  But  Sprint  is  still 
leading  the  market  with  its  guarantee  that  customers 
will  not  experience  more  than  45  msec  of  latency 
between  sites  in  Europe. 

C&W  also  is  offering  customers  performance  guaran¬ 
tees  between  specific  cities  around  the  world.  The  ISP 
guarantees  customers  will  not  experience  more  than 
100  msec  of  latency  between  New  York  and  London; 
110  msec  of  latency  between  Amsterdam  and 


in  North  America,  Europe. 

Washington,  D.C.;  and  180  msec  of  latency  between 
Sydney,  Australia,  and  San  Francisco. 

These  guarantees  are  based  on  monthly  averages.  If 
the  carrier  misses  its  guarantees,  customers  are  issued 
a  three-day  service  credit  on  their  next  bill.  Customers 
are  required  to  apply  for  credits.  To  date,  WorldCom  is 
the  only  provider  offering  proactive  credits. 

“Latency  is  most  important  for  customers  that  are  using 


their  IP  network  for  time-sensitive  applications  such  as 
[voice  over  IP],”  Suby  says.  But  most  customers  still  use 
their  IP  connectivity  for  data  traffic,  which  is  why  latency 
is  really  more  of  a  benchmark  for  performance,  he  says. 

“What  is  more  interesting  and  noteworthy  is  the  exten¬ 
sion  of  [C&W’s]  network  availability  guarantee  to  include 
local  loop  access  and  its  automatic  SLA  updates  for  all 
customers  without  requiring  new  contracts,” Suby  says. 

The  service  provider  guarantees  uptime  on  a  cus¬ 
tomer’s  local  loop  access  when  C&W  orders  that  service. 
If  a  customer  already  has  a  local  connection  or  prefers  to 
order  that  link  itself,  then  the  local  loop  will  not  be  cov¬ 
ered  by  C&W’s  100%  network  availability  guarantee. 

If  a  customer  cannot  reach  C&W’s  network  for  more 
than  10  minutes,  the  customer  will  be  credited  with  one 
day’s  worth  of  service. 

C&W’s  new  SLAs  are  available  now  to  all  customers. 
The  carrier  is  offering  customers  a  Web-based  contract 
that  lets  them  benefit  from  new  SLAs  without  having  to 
draw  up  a  new  printed  contract.  Most  ISPs  require  users 
to  work  with  their  sales  representatives  if  they  want 
updated  SLAs  to  apply  to  their  contracts.  C&W  says  cus¬ 
tomers  just  fill  out  a  form  online  and  updated  SLAs 
automatically  will  apply. 

C&W:  www.cw.com 


Lay  of  the  SLA  land 

Cable  &  Wireless  has  leapfrogged  others  with  its  latest  latency  SLAs 
in  North  America,  but  the  contest  in  North  America  and  in  Europe 
is  close. 


ISP 

Maximum 
latency  in 

North  America 

Maximum 
latency  in 
Europe 

Maximum 
packet  loss 

Network 

availability 

Proactive 

credits 

AT&T 

60  msec 

N/A 

.7% 

99.99%*** 

No 

Cable  & 
Wireless 

50  msec 

50  msec 

1% 

100%* 

No 

Genuity 

55  msec 

55  msec 

.5% 

99.97%* 

No 

Sprint 

55  msec 

45  msec 

.3% 

99.9%** 

No 

WorldCom 

55  msec 

55  msec 

.5% 

100%* 

Yes 

‘Includes  local  loop  when  ISP  orders  local  connection. 

“Includes  local  loop  from  traditional  local  exchange  carrier.  100%  network  availability  with  Sprint's  local 
Broadband  MAN  service. 

‘“Includes  local  loop  for  customers  that  lease  CPE  from  AT &T  and  when  the  carrier  manages  that  CPE. 


ineres  a  uen  rowertage  server 
with  Windows®  2000  Server 
for  every  kind  of  business. 

From  “kind  of  start  up"  to  "kind  of  FORTUNE  500.®" 
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No  matter  the  size  of  your  company,  we’ve  got  a  server  that  fits.  Dell  PowerEdge  servers  with  Windows®  2000  Server  operating  system  have  many 
amazing  "abilities":  scalability,  availability,  manageability  and  serviceability.  So  they  grow  with  your  business,  minimize  downtime,  are  easy  to  integrate 
and  even  easier  to  support.  No  matter  what  your  business  needs  -  from  file/print  to  database  management  -  you  can  choose  the  server  with 


Ask  about 


60, 


DAYS 

same-as-cash 

Microsoft®  Windows®  2000  Server  operating  system  that  is  right  for  you.  And,  by  dealing  direct  with  Dell,  you  get  a  system  customized  to  fit  your  tinmaum-d  customer.® 


business  needs,  at  an  affordable  price,  backed  by  our  award-winning  service  and  support.  It's  a  nice  mix  of  exactly  the  server  you  need  with  exactly  the  operating  system  you  want. 


PC  Magazine  Editors'  Choice  Award 

Small  Business  Solutions 
-  April  2002 


Deli  Small  Business 


PowerEdge™  1500SC  Server 

NEW  Simple  and  Strong  Tower  Server 

•  Intel* *  Pentium*  III  Processor  at  1.13GHz 

•  Dual  Processor  Capable 

•  128MB  133MHz  ECC  SDRAM  (up  to  4GB) 

•  18GBS  (10K  RPMI  Hot-Swap  Ultra3  SCSI  Hard  Drive 

•  Embedded  Dual-Channel  Ultra3  SCSI  Controller 

•  Embedded  Intel*  PRO  Gigabit  NIC 

•  1-Yr  Next  Business  Day  On-Site  Service,’  1-Yr  Limited  Parts 
Warranty?  1-Yr  24x7  Dedicated  Server  Phone  Tech  Support 


$1299 


or  as  low  as  $37/mo.,  46  payments®  60 
days  same-as-cash  for  qualified  customers. 

E-VALUE  Code:  11504-290512 


Recommended  upgrades: 

•  NEW  PowerConnecf  2124*  24-Port  Unmanaged  Switch 
with  Gigabit  Port,  add  $299 

•  System  Including  Small  Business  Server  2000  and 
Memory  Upgrade  to  256MB  is  $2699 


PowerEdge™  2500  Server 

Robust  and  Scalable  Tower  Server 

•  Intel*  Pentium*  III  Processor  at  1.13GHz 

•  Dual  Processor  Capable 

•  128MB  133MHz  ECC  SDRAM  (up  to  6GB) 

•  18GB5  (10K  RPM)  Hot-Swap  Ultra3  SCSI  Hard  Drive 

•  Embedded  Dual-Channel  Ultra3  SCSI  Controller 
•Embedded  Intel®  10/100  NIC 

•  Hot-Swap,  Redundant  Cooling  Fans 

•  Optional  Hot-Swap.  Redundant  Power  Supplies 

•  Optional  Embedded  Dual-Channel  RAID  Solution 

•  3-Yr  Next  Business  Day  On-Site  Service’ 


$1899 


or  as  low  as  $54/mo.,  46  payments®  60 
days  same-as-cash  for  qualified  customers. 

E-VALUE  Code:  11504-290518 


Recommended  upgrades: 

•  PowerConnect”  3024*  24-Port  Managed  Switch,  add  $699 

•  System  Including  Windows*  2000  Server  is  S2699 


PowerEdge™  1650  Server 

NEW  Highly  Available  1U  Rack-Optimized  Server 

•  Intel*  Pentium*  III  Processor  at  1.13GHz 

•  Dual  Processor  Capable 

•  128MB  133MHz  ECC  SDRAM  (up  to  4GB) 

•  18GB’  (1  OK  RPM)  Hot-Swap  Ultra3  SCSI  Hard  Drive 

•  Dual  Embedded  Gigabit  NICs 

•  Hot-Swap,  Redundant  Cooling  Fans 

•  Optional  Embedded  Dual-Channel  RAID  Solution 

•  Optional  Redundant  Power  Supplies 

•  3-Yr  Next  Business  Day  On-Site  Service’ 

or  as  low  as  S48/mo.,  46  payments®  60 
days  same-as-cash  for  qualified  customers. 

E-VALUE  Code:  11504-290516 


*1699 


Recommended  upgrade: 

•  System  Including  Windows®  2000  Server  is  $2499 


PowerVault™  PV715N  Storage 

NEW  NAS  Fite  Sharing  Storage 

•  Offloads  Storage  Load  from  Desktops  and  Servers 

•  Snap  Shot  Capability  for  Backing  up  Stored  Data 

•  Intel®  Celeron®  Processor  at  900MHz 

•  256MB  SDRAM  (up  to  512MB) 

•  160GB  IDE  Hard  Drive  -  Four  40GB  Bays 

•  Dual  10/100  Ethernet  Ports 

•  SCSI  Port  for  Local  Backup 

•  Multi-Platform  Support  of  PC.  Unix,  Apple,  and  Novell 

•  Powered  by  Windows*  Operating  System 

•  1-Yr  Next  Business  Day  On-Site  Service,’  3-Yr  Limited  Parts 
Warranty?  Lifetime  24x7  Dedicated  Server  Phone  Tech  Support 


$1799 


or  as  low  as  $51/mo.,  46  payments.®  60 
days  same-as-cash  for  qualified  customers. 

E-VALUE  Code.  115O4-290517n 


pentium®/// 


Servers  for  any  size  business.  Easy  as 


D*LL 


Visit  www.dell.com/networkworld  or  call  toll  free  1-877-388-3355. 


Cell:  M-F  7a  8p  Sat  8a  5p  CT 

Pricing,  specifications,  availability  and  teams  ot  otter  may  change  without  notice  Taxes  and  shipping  charges  extra,  and  vary, 
responsible  for  errors  in  typography  or  photography 
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U.S.  Dell  Small  Business  (BSD  and  BASD)  new  purchases  only  Dell  cannot  be  held 


PCs  use  genuine  Microsoft®  Windows1' 
www.microsoft.com/piracy/howtotell 


'This  device  has  nor  been  approved  by  the  Federal  Communicalions  Commission  (or  use  in  a  residential  environment  This  device  is  not.  and  may  not  be.  offered  foi  sale  ot  lease.  01  sold  or  leased  tor  use  in  a 

residential  environment  until  the  approval  of  the  FCC  has  been  obtained 

Tor  a  copy  of  out  Guarantees  ot  Limited  Warranties,  wnte  Dell  USA  L.P.  Ann:  Warranties  One  Dell  Wav  Round  Rock.  Texas  78682  Service  may  be  provided  by  thud  parry  Technician  will  be  dispatched,  if 
necessary,  following  phone-based  troubleshooting  To  receive  Next-Business  Day  service.  Dell  must  notify  service  provider  befoie  5  pm  (depending  on  service  contract)  customer’s  time  Availability  vane,  foi  hard 
dnves  GB  means  1  trillion  bytes  accessible  capacity  vanes  with  operating  environment  “Monthly  payment  is  based  on  a  48-month  1 2  99%  interest  rale  for  qualified  business  customers  Youi  interest  rate  and 
monthly  payment  mav  be  same  or  higher  depending  on  your  creditworthioess  Minimum  transaction  size  of  $500  is  required  Maximum  aggregate  financed  amounts  not  to  exceed  $25,000  Under  50  Days 
Same-As  Cash  QutckLoan.  interest  accrues  during  hist  60  days  after  the  QuickLoan’s  Commencement  Date  (which  is  five  days  aher  product  shipsl  if  balance  is  not  paid  within  these  60  days.  STATED  INTEREST 
RATE  AND  60  DAYS  SAME  AS-CASH  QUICK10AN  ARE  FOR  QUALIFIED  ONLINE  BUSINESS  CUSTOMERS  OFFER  VARIES  BY  CREDITWORTHINESS  OF  CUSTOMER  AS  DETERMINED  BY  LENDER  f3xes.  lees  and 
shipping  charges  are  extra  and  may  vary  Not  valid  on  past  orders  ot  financing  QuickLoan  is  from  CUT  Online  Bank  to  Dell  Small  Business  IBSOI  online  cuslomeis  with  approved  credit  Dell,  the  stylized  F.  logo. 
E-Value.  PowerEdge,  PowerConnect  and  PowerVault  are  trademarks  of  Dell  Computer  Corporation  Intel.  Intel  Inside  and  Pentium  aie  trademarks  or  registered  trademarks  of  Intel  Corporation  oi  Its  subsidiaries  in 
tt*  United  Stares  and  ottiei  countries  Microsoft  and  Windows  are  registered  trademarks  of  Microsoft  Corporation.  ©2002  Dell  Computer  Corpmation.  All  rights  reserved 
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Telseon  GEO  remains  bullish  on  Ethernet  wavelength  services 


The  Chapter  1 1  bankruptcy  protection  filing  by  Yipes  Communications 
earlier  this  spring  proved  that  metropolitan  Ethernet  providers  are  not 
immune  to  the  slump  driving  many  competitive  telecom  carriers  out  of 
business  and  forcing  the  revenue  of  incumbents  down.  Network  World 
Senior  Writer  Michael  Martin  recently  spoke  with  John  Kane,  CEO  of 
Ethernet  services  provider  Telseon,  which  provides  metropolitan  band¬ 
width  to  other  service  providers,  to  see  how  his  company  was  riding  out 
the  market  slowdown. 


What  would  you  say  to  customers  to  convince 
them  that  Telseon  is  not  going  the  same  way  as 
Yipes  and  other  providers  that  have  filed  for 
bankruptcy? 

I  don’t  know  there’s  anything  you  can 
say. You  have  to  demonstrate  you  have  via¬ 
bility.  Showing  you  have  deep-pocketed 
investors,  like  we  do,  helps.  And  we’re 
close  to  cash-flow  break-even.  We  raised 
$20  million  in  January,  which  is  the  hard¬ 
est  thing  I’ve  ever  done  in  my  business 
career. Theoretically,  that  money,  under  our 
current  business  plan  anyway,  is  enough  to 
get  us  to  break  even  by  year-end.  But  we’re 
also  not  going  to  disclose  financial  infor¬ 
mation.  So  there  can  be  a  challenge  to 
show  potential  customers  we  can  provide 
them  with  services. 

Are  you  picking  up  business  from  any  of  the 
providers  that  have  gone  bankrupt? 

We  see  some  opportunities  from  cus¬ 
tomers  of  people  like  Sigma  and  Sphera 

[which  have  gone  out  of  business].  We  really  don’t  compete  with  Yipes.  We’re 
really  in  the  core  downtown  metropolitan,  high-bandwidth  opportunity. They 
were  more  into  owning  the  customer  at  the  enterprise  level.  Owning  cus¬ 
tomers  is  an  expensive,  time-consuming  process.  Our  customers  have  proba¬ 
bly  four  to  five  times  the  bandwidth  per  circuit  on  average.  So  the  return  on 
our  capital  was  faster. 

Who  do  you  see  as  your  biggest  competitors? 

Broadly,  we  see  our  partners  competing  with  us.  We  may  have  a  network 
piece  in  a  place  that  they  don’t,  so  they  use  us  in  those  areas.  We  buy  fiber 
from  MFN  and  Level  3,  and  we  compete  with  MFN  and  Level  3  in  the  managed 


services  area  in  some  cases.  We  also  compete  with  XO  Communications  and 
Time  Warner  Telecom.  We  compete  with  Con  Ed  Communications  in  New 
York.  But  we  don’t  see  as  many  people  in  the  marketplace  at  our  scale  that 
there  were  six  months  ago.  And  the  regional  Bell  operating  companies  are 
always  there. 

Are  you  looking  to  pick  up  some  of  the  assets  that  might  be  available  from  struggling 
providers? 

We’re  going  out  and  starting  to  look  at  picking  up  some  assets  at  some  of 
these  bankruptcy  sales.  Not  big  sets  of  assets.  A  piece  here  and  there.  What 

we’re  working  on  now  is  not  how  to  survive  — 
although  that’s  something  we’re  still  concerned 
about  —  but  how  to  take  advantage  because 
some  people  are  weak. 


What  percentage  of  your  business  is  wavelengths 
now  and  what  percentage  is  Ethernet? 

More  than  half  of  our  business  is  now 
wavelength.  We  were  Ethernet  zealots. The 
idea  was  to  sell  it  to  the  dot-com  businesses. 
But  of  course  by  the  time  we  got  to  the  mar¬ 
ketplace,  the  dot-coms  were  becoming  the 
‘dot-gones.’ 

And  all  the  carriers  we’d  talked  to  about 
Ethernet  services  said  they  weren’t  ready  for 
Ethernet.  They  wanted  wavelengths.  We  told 
them  we  didn’t  do  that  and  left.  But  once  this 
happened  10  or  15  times,  we  looked  and  real¬ 
ized  we  needed  wavelength  services.  So  we 
reached  a  shared-network  agreement  with 
Dynergy  and  built  out  a  wavelength  footprint 
on  top  of  our  Ethernet  footprint.  We  started 
selling  those  services  late  last  year,  and  the 
demand  has  been  amazing. 


How  does  your  relationship  with  Dynergy  work? 

Dynergy  is  a  big  power  company  with  a  global  telecom  subsidiary. That  sub¬ 
sidiary  operates  a  long-haul  network.They  needed  a  distribution  solution  on 
the  metro  side,  so  they  came  to  us  and  partnered.  We  put  up  the  fiber  infra¬ 
structure,  racks,  management,  power,  and  they  put  up  the  switching  equipment 
for  the  [dense  wavelength  division  multiplexing]  in  those  metros.  It  was  a  great 
deal  for  us  because  there  was  no  incremental  capital  cost  and  we  got  a  whole 
new  product  set.  Anyone  who  wants  to  compete  with  us  for  wavelengths  in  the 
metro  has  to  bring  a  checkbook  because  we  have  an  embedded  infrastructure 
with  little  cost.H 
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Covad 

continued  from  page  41 

of  someone  else’s  network,”  says  Matthew 
Davis,  an  analyst  with  The  Yankee  Group. 
“They  still  have  to  rely  on  the  ILEC.” 

Other  competitive  DSL  providers,  such 
as  New  Edge  Networks,  offer  SLAs  similar 
to  Covad's,  observers  say.  But  incumbents 
offer  less-extensive  SLAs,  even  though 
th  \  Lave  begun  offering  business-class 
DSL  services. 

Covad's  next  step  should  be  to  give  cus¬ 
tomers  a  way  to  monitor  DSL  traffic  in  real 


time, so  they  can  tell  if  SLAs  are  being  met, 
says  Pat  Hurley,  an  analyst  with  Tele- 
Choice.  Under  the  new  SLAs,  customers 
need  to  call  Covad  to  confirm  whether  an 
SLA  has  been  broken. 

Covad  is  providing  guarantees  on  the 
local  loop  in  three  ways. 

•  For  installations,  Covad  is  guarantee¬ 
ing  that  a  line,  including  the  local  loop, 
will  be  up  and  running  within  30  days  of 
an  order  going  through.  If  it  takes  longer, 
customers  will  get  a  50%  credit  on  their 
first  monthly  charge. 

•  Covad  is  guaranteeing  the  uptime  of 


its  TeleSpeed  DSL  service,  promising 
99.9%  availability  for  each  DSL  line.  If  the 
network  availability  goal  is  not  met, 
Covad  will  give  customers  a  credit  of  3% 
off  the  monthly  charge  for  each  hour 
that  the  monthly  downtime  target  is 
exceeded. 

•  The  carrier  is 
promising  repair 
of  a  downed 
DSL  connection 
within  24  hours. 

Customers  will 
receive  a  10% 


credit  on  their  monthly  charge  for  each 
line  not  repaired  on  time. 

Covad  also  outlined  SLAs  for  its  Tele- 
Xtend  T-l  services,  including  99.99%  up¬ 
time  and  four-hour  repair  times. 

Covad’s  retail  Covad  Direct  customers 
will  have  these  guaran¬ 
tees  passed  to  them 
directly.  Covad  whole¬ 
salers  have  the  option 
to  pass  the  SLAs  down 
to  their  customers. 

Covad:  www.covad 
.com 
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More  online! 

o  Check  out  the  latest 
3  deployment  Figures  and 
projections  for  DSL  n 
North  Amenca. 

DocFinder:  9229 
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No  one  covers  the  small  business  market  like  NETGEAR®.  Take  our 
gigabit  switches  for  example.  Most  manufacturers  have  a  few  gigabit 
models.  NETGEAR  has  a  wide  choice  including  what  no  other  manufacturer 
offers:  unmanaged  switches  with  16  and  24,  along  with  4  and  8, 
all  gigabit  ports. 
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Consider  the  FS750  model  featuring  48  10/100  speed  ports  with  modular 
gigabit  uplinks,  and  the  GS524T  with  24  all  gigabit  ports.  Data  moves  up 
to  2000  Mbps  per  port  in  full-duplex  mode,  10  times  faster  than  with  Fast 
Ethernet.  Which  means,  multimedia,  image  and  video  files  will  giddy-up 
— or  giga-up — and  go.  And  they'll  arrive  safely. 
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As  with  all  NETGEAR  products,  our  affordable  switches  have  the  latest 
technology  and  U.S.  quality  components,  for  the  highest  reliability.  Pius, 
they're  easy  to  set  up  and  use,  just  plug  and  play.  And  each  is  backed  by 
24x7  toll  free  technical  support  from  the  leader  in  switches  for  smaii 
business.  In  fact,  NETGEAR  was  recently  named  the  market  leader  in  l  ayer  2 
Fast  Ethernet  unmanaged  switches  for  small  business  networks  in  2001  .* 

•,/  ' 

Make  NETGEAR  your  giga  choice.  For  details,  visit  www.ne?9«;csr.<:em. 


*  Dell'Oro  Group  Ethernet  Switch  report  published  February  1 3,  2002,  as  measured  by  port  shipment. 
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VoIP  needs  more  spice  before  the  masses  will  bite 


Enterprise  adoption  of  voice-over-IP 
services  is  growing,  but  at  a  slower 
pace  than  many  on  the  supplier  side 
anticipated.  In  light  of  the  modest  adop¬ 
tion  rates,  providers  continue  to  expand 
their  offers  and  sweeten  the  pot  —  doubt¬ 


less  to  induce  an  uptake  in  near-term  tri¬ 
als  and  deployments. 

In  the  majority  of  other  cases,  continued 
provider  improvements  are  needed  in 
terms  of  availability,  price,  scalability  and 
performance  before  large-scale  enterprise 


adoption  will  be  likely. 

As  for  infrastructure-related  improve¬ 
ments  in  performance,  scalability  and 
availability,  providers  will  make  significant 
strides  in  the  next  12  to  18  months,  which 
ultimately  will  stimulate  customer  migra¬ 
tion  from  the  public  switched  telephone 
network  to  VoIP  services. 

How  far  off  is  the  beginning  of  the  accel¬ 
erated  adoption  curve  (that  infamous 
“hockey  stick”)?  By  my  count,  not  until  late 
2003  to  early  2004  in  the  U.S. 

In  the  meantime,  providers  continue  to 
expand  their  offers  and  create  new  incen¬ 
tives.  Service-related  examples  include 
enhancements  and  expansions  of  con¬ 
verged  or  VoIP  services  provided  by  global 
Tier  1  facilities-based  carriers  such  as 
Equant,  Cable  &  Wireless,  AT&T  and  World¬ 
Com.  Other  recent  relevant  examples 
include  IP  videoconferencing  service  an¬ 
nouncements  from  Sprint,  Equant  and 
AT&T. 

Providers  also  continue  to  offer  cus¬ 
tomers  financial  inducements. 

Equant’s  Converge  Easy  promotion, 
which  runs  through  August,  features  the 
following: 

•  A  six-month  VoIP  trial  for  five  customer- 
selected  sites. 

•  No  extra  charge,  as  Equant  absorbs  the 
cost  of  additional  voice  cards  and  incre¬ 
mental  bandwidth  cost  of  a  Platinum-class 
port  to  handle  multimedia  traffic. 

•  Normal  charges  for  Gold  class  of  ser¬ 
vice,  access  line,  chassis  and  speed  up¬ 
grades,  off-net  and  call-center  usage 
charges  (if  applicable). 

•  Platinum  port  billing  will  occur  after 
six  months,  unless  customer  cancels. 

AT&T  developed  a  limited-time  offer  to 
encourage  customer  adoption  of  its 
managed  Internet  service  with  VoIP 
These  incentives  save  customers  up  to 
$1,000  on  provider-related  installation 
fees,  plus  at  the  high  end,  up  to  $7,400 
on  requisite  VoIP  WAIN  equipment.  This 
incentive  expired  April  30,  but  I  think  it’s 
likely  that  another  will  appear  by  sum¬ 
mer’s  end. 

It’s  important  to  remember  that  results 
from  small  trials  cannot  be  linearly  extrap¬ 
olated  to  the  assumed  baseline  perfor¬ 
mance  that  a  company  will  experience. 
However,  they  can  be  important,  if  some¬ 
what  rudimentary,  learning  tools  on 
issues  such  as  requisite  customer/site 
preparation,  feature  performance,  relevant 
provider  expertise,  and  installation  and 
maintenance  procedures. 

As  to  current  incentives  that  encourage 
companies  to  make  near-term  multiyear 
managed  services  commitments,  I  recom¬ 
mend  that  most  business  customers  save 
this  type  of  information  for  the  day  they 
negotiate  for  VoIP  services  in  earnest.  If 
these  types  of  costs  are  on  the  table  today, 
they  likely  will  be  fair  game  for  negotia¬ 
tion  then. 


Pierce  is  a  research  fellow  at  Giga  Infor¬ 
mation  Group.  She  can  be  reached  at 
lpierce@gigaweb.  corn. 


Power.  Precision.  Protocol  Analysis. 


Increasing  the  speed  of  your  network  is  at  the  core 
of  what  Finisar  has  been  offering  its  customers  for 
over  14  years.  Finisar’s  family  of  network  analysis 
and  performance  testing  products  ensure  optimum 
performance  through  constant  monitoring,  measur¬ 
ing  and  analyzing  to  locate  problems  and  fix  them 

tojgor.e.they  impact  your  company. 
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We  listen  to  our  customers,  creating  products  that 
are  flexible  and  scalable  to  grow  and  evolve  with 
your  needs,  along  with  the  requirements  of  LAN  to 
SAN.  No  other  company  offers  products  as  easy-to- 
use  and  easy-to-implement. 

Are  you  ready  to  run  your  network  at  full  speed? 


r* ",  ■ 


The  ultimate  in  SAN  LAN  performance  tools. 
www.gofimsar.com 
1  -888-746-6484 


That’s  why  he  bought  an  Atari  video  game  system ,  a  top-of-the-line 
Beta  max,  and  lots  of  shares  in  Enron. 

And,  of  course,  he  bought  from  the  ‘ market  leader ’  for  token 
authentication.  (You  know — the  guys  in  red). 

Funny — instead  of  having  more  time  to  play  Asteroids,  George  is 
dealing  with  out-of-control  user  complaints,  broken  tokens,  and 
help-desk  nightmares. 


Wake  up  and  smell  the  coffee ,  Georgie.  Secure  Computing's 
SafeWorcT  PremierAccess™  provides  strong  authentication  for 
all  your  access  points:  Web,  VPN,  wireless  LAN,  dial-up,  Citrit, 
and  more.  Choose  any  type  of  authenticator — tokens,  digital 
certificates,  smart  cards,  wireless  devices,  and  biometrics.  Without 
buying  separate  products.  Without  custom  integration.  Without 
huge  support  headaches. 

PremierAccess  even  offers  painless  migration.  George  can  install  a 
new,  more  reliable  system ,  but  keep  using  his  existing  tokens  until 
they  expire  or  break.  Then  he  can  easily  replace  them  with  SafeWord 
tokens — the  most  durable  authenticators  on  the  market.  * 

To  follow  the  real  leader,  call  Secure  Computing  at  (800)379-4944 


*ln  recent  independent  token  stress  testing,  SafeWord  tokens  scored  100%  success.  George's  token  vendor  got 
100%  failure.  Visit  http-J/slashdot.org/comments.pl?  sid=23189&cid=2515917  for  the  complete  test  results. 


The  most  complete  solution  for  authentication 


SECURE 


COMPUTING 

www.  securecomputing.  com 
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Peace,  Love,  Network  Harmony? 

To  us  that  means  more  powerful  solutions ,  keeping  our 
customers  happy  and  savings  that  impact  the  bottom  line . 
That's  network  chi." 

-  Brad  Slamp,  Senior  Manager  of  Computer  Sciences  Corporation's 
Network  Management  Center,  Americas 


Powering  a  new  generation  of  networked  business 


For  a  chance  to  win  a  t-shirt  or  Chi  mousepad  go  to:  www.smarts.com/chi/ 


Tel:  877-2-SMARTS 


The  ATL  M2500 


Quantum’s  latest  mid-range  tape  library  is  the  IT  manager’s 
new  best  friend.  You've  always  appreciated  our  reliability. 
And  now  you’re  going  to  love  the  new  tricks. 


Enterprise-class  performance. 
Mid-range  price. 

« SUPER  Quantum  delivers  the  highest 
|T^  DLTtape and  LTO  density  in  its 
class —  in  the  most  compact, 
scalable  rack.  That  is  why  the  ATL  M2500  is 
such  an  effective  solution  for  today’s  mid¬ 
sized  company.  Hot-swap¬ 
pable  tape  drives  and  fans. 

Fibre  channel  and  SCSI 
interfaces.  Practical  fault 
tolerance.  Remote  man¬ 
agement.  And  an  intuitive 
graphical  user  interface, 
all  add  up  to  an  excep¬ 
tional  experience. 

True  incremental 
scalability.  Nothing 
else  stacks  up. 

The  ATL  M2500  enables 
you  to  start  out  small  and 


expand  as  needed —  up  to  18  drives  and  up 
to  300  cartridges.  But  it  doesn’t  end  there. 
Because  the  ATL  M2500  not  only  grows 
within  its  own  breed,  it  extends  the  capacity 
of  its  little  brother,  the  ATL  Ml 500,  by  simply 
adding  it  to  the  stack.  Now  that's  investment 
protection. 

The  ATL  M2500  puts 
high  performance  in 
your  lap. 

With  features  and  capa¬ 
bilities  that  speak  for 
themselves,  the  ATL 
M2500  is  simply  your 
best  choice  for  high  per¬ 
formance  automated 
tape  backup.  Plus,  friendly, 
eager  support  from 
Quantum  and  our  partners 
is  something  you  can 
always  depend  on. 


Register  for  a  chance  to  win  a  GPS  receiver. 


Few  things  in  life  are  this  reliable  and  secure.  Find  out  more 
about  your  new  best  friend  —  The  ATL  M2500  — 
and  register  for  your  chance  to  win  a  Magellan  315 
GPS  receiver  by  visiting  www.M2500.com  today. 

Or  to  speak  to  a  Quantum  representative  in  your 
area,  call  800-677-6268. 


www.M2500.com 


special  code  NWWQ1 


Quantum. 


<0  2002  Quantum  Corporation.  StackLmk  and  DLTtape  are  trademarks  of  Quantum  in  the  United  States  and  other  countries. 
All  other  trademarks  are  the  property  of  their  respective  companies.  Specifications  are  subject  to  change  without  notice. 


Allegro  cofounder  wants 
to  rework  routing 

Start-up  Allegro  Networks  is  building  a  “multirouter” 
platform  —  multiple  routers  in  one  chassis  —  designed 
to  let  companies  lease  physical  routers  or  router  ports 
from  a  service  provider,  rather  than  just  a  routed  ser¬ 
vice.  The  company  says  its  systems,  which  will  ship  in 
the  second  half  of  the  year,  will  let  service  providers 
offer  “real” private  networks  vs.  VPN  or  virtual  routed 
services.  Company  co-founder  Troy  Dixler  recently 


spoke  with  The  Edge  Managing  Editor  Jim  Duffy  about  VPNs,  virtual 
routers  and  the  need  to  scale  the  control  plane  at  the  edge. 

With  all  the  hype  around  VPNs  and  virtual  routing,  Allegro  seems  to  be  the  non¬ 
conformist. 

I  wouldn’t  necessarily  say  that.  We  can  do  everything  [other  new  router  ven¬ 
dors]  can.  But  in  order  to  do  what  we’re  doing,  you  have  to  rearchitect  the  rout¬ 
ing  foundation  from  the  ground  up,  which  is  not  a  trivial  task.  Routers  have  all 
been  fundamentally  the  same  since  they’ve  been  built: You  have  a  single  oper¬ 
ating  system,  a  single  CPU,  a  single  bank  of  memory,  a  single  set  of  routing  pro¬ 
tocols  running  on  a  single  control  plane.  Once  you’ve  made  [routing]  deci¬ 
sions, you  push  them  down  to  the  line  card  to  make  wire-speed  [forwarding] 
decisions.  As  the  new  chips  are  coming  out,  they’re  doing  a  lot  more  I/O. The 
next-generation  chassis  will  be  doing  thousands  of  interfaces.  As  you  scale  up 
the  number  of  interfaces,  on  top  of  that  you’ve  got  all  these  ‘services’  that  every¬ 
one’s  trying  to  do  at  the  edge.  It  just  makes  sense  that  in  order  for  you  to  scale 
up  the  services  and  scale  up  the  I/O,  you’ve  got  to  scale  up  the  brain  power  to 
drive  that.  What  most  of  the  router  vendors  have  done,  especially  some  of  the 

See  Dixler,  page  50 


RiverSoft  looks  to  manage  MPLS  nets 

Latest  products  target  service  providers. 


■  Coriolis  Networks  last  week  an 
nounced  that  Alaska  service  provider 
GCI,  an  integrated  communication 
provider,  will  deploy  Coriolis’  Opti- 
Flow  metropolitan  optical  networking 
system.  GCI  is  using  Coriolis’  platform 
to  deliver  transparent  LAN  service, 
virtual  LAN  Internet  access  and  multi¬ 
point  VLANs  for  multipoint  transport 
layer  security.  These  services  will  let 
GCI's  customers  order  a  10M,  25M  or 
50M  bit/sec  service  to  burst  beyond 
their  committed  information  rate, 
rather  than  having  to  purchase  multi¬ 
ple  T-1  circuits.  GCI  is  due  to  deploy 
the  platform  this  month  with  services 
turning  up  in  June.  Financial  terms  of 
the  deal  were  not  disclosed,  www. 
coriolisnetworks.com 

■  Router  start-up  Caspian  Net¬ 
works  last  week  announced  that  L 
William  Krause  has  been  appointed 
president,  CEO  and  chair.  Krause  re¬ 
places  President  and  CEO  Bill  Sickler. 
Sickler  and  Caspian's  board  agreed 
the  firm  needed  new  leadership  now 
that  it  will  soon  bring  its  products  to 
market,  Caspian  said.  Krause  was 
most  recently  CEO  of  Internet  out- 

<  arcing  firm  Exodus  Communi- 
c  ons.  www.caspiannetworks.com 


■  BY  DENISE  DUBIE 

LAS  VEGAS  —  At  NetWorld+Interop  2002 
Las  Vegas  this  week,  network  management 
software  maker  RiverSoft  Technologies 
will  unveil  a  package  the  company  says 
can  help  service  providers  and  large  cor¬ 
porations  monitor  voice  and  data  applica¬ 
tions  on  Multi-protocol  Label  Switching 
networks. 

RiverSoft’s  Network  Management  Oper¬ 
ating  System  (NMOS)  and  Fault  Manager 
Version  3. 1  now  support  an  add-on  agent 
for  MPLS,  which  Cisco  will  endorse.  Cisco 
and  RiverSoft  teamed  up  to  develop  soft¬ 
ware  that  can  extract  MPLS  data  from 
Management  Information  Bases  (MIB). 

RiverSoft  then  added  agents  to  auto¬ 
matically  discover  MPLS  VPNs  and 
quickly  pinpoint  network-performance 
problems  with  MPLS-specific  alerts.  And 
Cisco  updated  the  MIBs  in  its  network 
equipment  to  let  RiverSoft  display  the 
MPLS  information  in  a  topology  map, 
RiverSoft  says. 

RiverSoft’s  NMOS  technology  includes 
object  classes  that  let  the  RiverSoft  discov¬ 
ery  system  collect  connectivity  informa¬ 
tion  from  devices  used  in  IP  networks. 
MPLS  uses  labels  containing  forwarding 
information,  which  are  attached  to  IP 
packets  by  a  router.  The  MPLS  Forum,  an 
organization  looking  to  speed  up  MPLS 
adoption,  says  the  technology  can  better 
ensure  quality  of  service  with  voice,  video 


+  INTEROP 


and  data  applications  on  IP  networks 
because  it  will  deliver  packets  over  the 
same  route  and  in  the  correct  order  on  a 
network  backbone. 


The  NMOS  system  uses  server  software 
and  distributed  agents  to  collect  and  rec¬ 
oncile  conflicting  information  about  net¬ 
work  devices.  And  the  software  stores  a 
consistent  topography  of  those  devices  in 
the  topography  database.  The  classes  let 
users  define  the  behavior  and  characteris¬ 
tics  of  devices,  what  information  they 
want  to  pull  from  the  devices  and  how 
they  want  to  extract  the  data.  The  last 
See  RiverSoft,  page  50 


MPLS  without  the  mess 

RiverSoft’s  Advanced  Management  Extension  for  Multi-protocol  Label 
Switching  (MPLS)  helps  users  manage  connectivity. 


Users  can  drill 
down  through 
the  elements  of 
their  MPLS 
network  to  find 
the  root  cause 
of  performance 
problems. 


-j-®  tuurtKi  m.i 

in  w»>  in 

Q-V 

•QnrfMtt  mul 


w. 


Discovery  and  mapping  features  show  users  at  a  glance 
how  components  on  their  network  are  interconnected. 
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A  graphic  tells  users  if  their  network  is 
performing  within  preset  thresholds  or  if 
it's  experiencing  any  slowdowns. 
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Dorado  helps  simplify 
mgmt.  of  muttivendor  nets 
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Redcell  features  a  uniform  set  of  element  management  capabilities  that 
can  be  applied  to  network  gear  made  by  six  different  vendors. 


■  BY  TIM  GREENE 

FOLSOM,  CALIF  —  Dorado 
Software  is  introducing  a  pack¬ 
age  that  gives  service  providers 
the  ability  to  manage  individual 
elements  in  multivendor  net¬ 
works,  in  some  cases  with  more 
precision  than  the  vendors’ 
own  software  allows,  the  com¬ 
pany  says. 

Dorados  Redcell  Management 
Center  will  make  its  debut  at 
NetWorld+lnterop  2002  Las  Vegas 
this  week  and  feature  a  uniform 
set  of  element  management  capa¬ 
bilities  that  can  be  applied  to  net¬ 
work  gear  made  by  six  vendors, 
even  if  those  vendors’  element 
management  software  doesn’t 
provide  the  same  capabilities. 

For  example,  this  lets  service 
providers  check  the  status  of 
dual  power  supplies  in  a  router 
or  configure  ports  on  line  cards 
using  a  common  software  plat¬ 
form  across  equipment  made  by 
ATI,  Cisco,  Foundry  Networks, 
Juniper  Networks,  Riverstone 
Networks  and  Extreme  Net¬ 
works.  Dorado  will  demonstrate 
the  software  on  Cisco,  Juniper 
and  Riverstone  gear  at  the  show. 

The  alternative  method  would 
be  for  service  providers  to  rely  on 
individual  element  management 
systems  written  by  individual  ven¬ 
dors  or  resort  to  command-line 
instructions  to  each  device. 

Dorado  also  will  introduce 
VLAN  Service  Center,  software 
that  makes  it  simpler  to  set  up 


virtual  LANs  across  carriers’  mul¬ 
tiservice  networks. 

Riverstone  has  worked  with 
Dorado  to  include  drivers  in  its 
routers  so  they  can  be  config¬ 
ured  via  VLAN  Service  Center, 
says  Paul  To,  director  of  solutions 
architecture  for  Riverstone.  He 
says  this  will  make  Riverstone 
gear  more  attractive  to  service 
providers  because  they  can  cre¬ 
ate  VLAN  trunks  using  a  graphi¬ 
cal  interface,  and  then  the  soft¬ 
ware  will  configure  the  mac¬ 
hines  involved. 

“It’s  transaction-based,  so  the 
software  touches  the  individual 
boxes  and  then  comes  back  and 
tells  you  it  was  successful,”  To 
says.  This  reduces  the  amount  of 
training  network  operators  need 
to  be  able  to  set  up  VLANs,  and 
also  speeds  provisioning,  he  says. 


Dorado  says  setting  up  a  VLAN 
is  not  very  complicated  —  per¬ 
haps  five  lines  of  instructions 
using  a  command-line  interface 
—  but  for  a  service  provider  or  a 
large  company  making  frequent 
adds  and  changes,  this  is  a  work- 
saver.  The  software  will  quickly 
report  conflicts  as  they  arise,  for 
example,  if  administrators  try  to 
assign  a  port  to  more  than  one 
VLAN,  the  company  says. 

The  software  displays  a  map  of 
the  VLANs  as  they  are  set  up  to 
make  it  simpler  for  the  network 
administrators  to  visualize  the 
changes  they  have  made. 

Redcell  Management  Center 
costs  $60,000  for  50  network  ele¬ 
ments  and  VLAN  Service  Center 
costs  $120,000.  Both  are  avail¬ 
able  now. 

Dorado:  www.dorado.com 


RiverSoft 

continued  from  page  49 

release, Version  3.0  in  July  2001, 
included  a  central  manage¬ 
ment  console  from  which  ad¬ 
ministrators  could  monitor 
their  networks. 

The  new  products  show  River- 
Soft’s  intentions  to  address  some 
management  concerns  chal¬ 
lenging  service  providers,  says 
Glenn  O’Donnell,  Meta  Group 
program  director. 

“MPLS  is  one  of  those  tech¬ 
nologies  you  cannot  roll  out 
and  use  properly  until  you  have 
a  management  solution  in 
I'lacc.’  O'Donnell  says.  “River- 
Soft  is  trying  to  address  this  be¬ 
cause  management  of  MPLS 


technology  cannot  be  an  after¬ 
thought." 

MPLS  is  not  yet  commonplace 
among  carriers,  never  mind  in 
the  enterprise  companies  River- 
Soft  once  targeted.  Although 
still  in  the  adoption  stage,  MPLS 
could  replace  ATM  or  frame 
relay  in  multiservice  networks, 
industry  watchers  say  (see 
www.nwfusion.com,  DocFin- 
der:  9228). 

Fault  Manager  is  the  product, 
and  NMOS  is  the  code  that 
Fault  Manager  uses.  RiverSoft 
separated  the  two  so  that  it 
could  sell  its  NMOS  technology 
through  licensing  agreements 
with  companies  such  as  Intel, 
Cisco  and  Hewlett-Packard.  In¬ 
tel  included  NMOS  technology 


in  its  NetStructure  Management 
Appliances  in  September  2000. 
HP  announced  a  version  of  its 
Network  Node  Manager  in 
November  2001  that  included 
RiverSoft ’s  Layer  2  discovery 
feature  found  in  NMOS,  and 
NMOS  was  included  in  a  pilot 
run  of  CiscoWorks  mobile  wire¬ 
less  products  in  March  2001. 

RiverSoft  NMOS  and  Fault 
Manager  Version  3.1  are  ship¬ 
ping  with  prices  beginning  at 
$100,000,  depending  on  net¬ 
work  size.  The  MPLS  advanced 
management  agents  are  avail¬ 
able  as  add-ons. 

RiverSoft:  www.riversoft.com; 
Cisco:  www.cisco.com;  Interop: 
www.key3media.com/interop/lv 
2002/ 
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newer  ones,  is  they  basically  built  a  ‘me-too’  foundation  and 
then  layered  on  the  [IETF]  draft  of  the  week. 

So  I/O  scalability  is  really  not  the  problem  carriers  need  solved? 

They  do  want  the  I/O  scale,  but  everyone’s  doing  that  by 
default  because  the  chip  vendors  have  had  road  maps  for 
years  now  to  scale  that  up.  It’s  not  a  matter  of  how  much  I/O, 
it’s  ‘Can  I  control  that?’  Let’s  say  we  had  a  next-generation 
routing  platform  that  had  10,000  interfaces.  As  you  start  scal¬ 
ing  different  services  and  routing  protocols,  like  RFC  2547 
[which  defines  Layer  3  MPLS  VPNs],  carriers  are  going  to 
redistribute  all  the  routes  from  all  of  the  enterprises  that  are 
going  to  purchase  that  service  directly  into  the  edge  router. 
The  edge  router  has  to  hold  the  aggregate  of  all  those  enter¬ 
prise  routing  tables. You’ve  got  so  many,  then  on  top  of  it  you 
have  two  [interior  Border  Gateway  Protocol]  feeds,  interior 
feeds  going  up  to  the  core  routers,  holding  the  full  Internet 
table  so  the  edge  router  can  stay  default  [gatewayJ-free.On 
top  of  that, you  have  the  carrier’s  interior  routing  protocol  for 
the  interior  routes  within  the  carrier. That’s  just  three  small 
things  there.  If  you  couple  the  amount  of  routes  that  are 
going  to  get  redistributed  for  2547,  it’s  basically  going  to  light 
the  control  plane  on  fire.  It  needs  that  much  more  brain 
power  to  be  able  to  handle  the  aggregate  of  all  those  routes. 
It’s  a  forwarding  information  base  issue  as  well,  where  you’ve 
got  to  push  those  routes  down  [to  the  line  cards]  .You  start 
blowing  out  the  maximum  amount  of  memory  on  the  line 
cards.  Operators  know  for  an  absolute  fact  that  the  current 
generation  of  routers  in  their  network  will  fall  over  and  die 
with  that  [2547]  service.  Our  whole  premise  was,  there’s  a  lot 
more  I/O,  there’s  a  lot  more  service  coming  up.  If  you  don’t 
start  with  a  scalable  foundation, you’re  dead  in  the  water. 

So  much  for  service  scalability . . .  what  about  security,  reliability 
and  resiliency? 

If  you  look  at  virtual  routers  and  all  the  single  points  of  fail¬ 
ure  in  a  router,  now  you’re  going  to  scale  it  up  and  carve  out 
multiple  routers?  You’re  going  to  eat  the  control  plane  that 
much  quicker.  And  no  matter  what  any  company  says,  if  you 
think  one  router  getting  attacked  won’t  affect  another. . .  .Vir¬ 
tual  routers  are  a  marketing  item,  and  these’s  no  way  that 
people  will  trust  their  infrastructure  to  a  virtual  routed 
environment. 

So  all  the  router  vendors  marketing  systems  for  IP  VPN  delivery  are 
offering  the  wrong  architecture  for  that? 

In  our  opinion,  that  is  correct.  If  you  really  nail  them  to  the 
wall  . .  .anybody  that  has  any  credibility  at  all  will  tell  you 
absolutely  [that  RFC  2547  VPNs  and  other  trendy  new  ser¬ 
vices]  will  put  a  tremendous  burden  on  the  control  plane 
memory  and  the  forwarding  plane  memory  of  a  router. That’s 
why  you  see  all  these  debates  going  on  about  it.  If  you  ask 
‘How  are  you  addressing  that?’  the  answer  is,  they  don’t.  All 
they  did  was  put  a  gigabit  [of  I/O]  in  there. That  gives  you 
nothing.  And  that’s  why  they’ve  all  raced  out  the  door  and  said, 
‘Now  we’ve  got  all  these  drafts  of  the  week  and  we’re  a  new 
player.’They’ll  run  out  of  gas  because  it’s  a  tactical  entry  point 
into  the  market. There’s  nothing  strategic  about  you  doing 
another  architecture  the  same  way  Multiservices  are  all  check 
boxes  for  edge  routers. You've  got  to  have  those.  If  you  don’t, 
thanks  for  coming.  I’m  glad  you  have  Draft  Martini  before  the 
next  vendor,  or  I’m  glad  you  got  2547  before  the  next  vendor. 
Don’t  you  think  Cisco  and  Juniper  are  going  to  have  it?  Is  that 
really  a  strong  foundation  to  say, This  is  why  they  should  buy 
us,  this  is  why  we  are  going  to  be  successful?’ The  answer  is  no 
way.  It’s  table  stakes.  ■ 
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contractor,  call  The  NECA  Connection  at  800-888-6322. 
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National  Electrical  Contractors  Association 
International  Brotherhood  of  Electrical  Workers 


Another  great  discovery 


New! 


NetOp < 

Remote  Control  v7.0 

Moving  expertise  - 
not  people™ 


Unparalleled  speed,  security  and  scalability. 


Finally  -  a  remote  control  solution  designed 
for  IT  professionals  who  require 
impenetrable  security,  flexibility  and  near 
real-time  control  of  distant  PCs  over  modems, 
networks  or  the  Internet.  NetOp  lets  you 
access  and  support  remote  computers  from 
virtually  any  operating  system  in  the  world 
-  including  Windows  CE,  Linux,  Windows 
XP  and  even  your  Internet  Explorer  browser 
using  ActiveX.  What's  more,  NetOp's  optional 
Gateway,  Security  and  Domain  Name  Server 
modules  provide  additional  connection  and 
security  options  not  found  in  any  other 
remote  control  software.  Quite  simply,  there 
isn't  a  remote-control  package  better  suited 
to  the  needs  of  today's  IT  professional. 


NetOp 

pcAnywhere 

LapLink 


Reported  by  Computer  Reseller  News 


Download  your 
Free  fully-functional 
evaluation  copy  at 
www.NetOpUSA.com 


•  Windows  XP 

•  Windows  2000 

•  Terminal  Server 

•  Windows  NT  4.0,  3.51 

•  Windows  ME,  98,  95 

•  Windows  CE  3.0,  2.11 

•  ActiveX 

•  Linux 

•  DOS 

•  OS/2 


NetOp  and  the  red  kite  are  registered  trademarks  of  Danware  Data  A/S.  Other  brand  and  product  names  are  trademarks  of  their  respective  holders.  2001  Copyright  Danware  Data  A/S.  All  rights  reserved. 


SECURITY 

Awareness  Programs 

Dale  Bachman,  Ph.D.,  CISSP, 

Security  Practice  Manager 
Sprint  Evolutions 

Here’s  some  old  news:  information  security  is  not  (just)  a  technical  issue.  “Everyone 
knows”  that  a  good  security  system  includes  a  policy  that  embodies  the  security  goals 
and  strategy  of  the  organization,  procedural  and  technical  controls  to  enforce  the  policy, 
and  a  managed  approach  that  allows  you  to  measure  your  current  position  and  improve 
it  as  time  goes  on.  Everyone  also  knows  that  it  requires  the  support  of  executive  man¬ 
agement.  But  just  as  important  as  all  of  these  is  the  culture  of  the  organization,  and  the 
knowledge  and  involvement  of  employees  in  the  security  system. 

The  embarrassing  thing  about  this  problem  is  that  we  already  know  how  to  solve  it, 
and  the  solution  is  easy  to  implement  and  inexpensive  (relative  to  technical  controls). 
So  let’s  take  another  look  at  security  awareness  programs. 


Overview 

A  security  awareness  program  comprises  a 
series  of  educational  opportunities,  along 
with  a  system  of  motivators:  rewards  for 
desirable  behavior  and  penalties  for  undesir¬ 
able  behavior.  Each  of  these  components 
must  be  appropriate  to  the  target  audience 
and,  like  any  other  program,  must  be  man¬ 
aged  for  improvement. 

The  aim  is  simple:  to  communicate  the  rele¬ 
vant  portions  of  the  security  policy  and  pro¬ 
cedures  to  the  entire  enterprise. 

Audience 

Usually  there  are  three  segments  of  the 
enterprise  that  have  very  different  security 
education  needs. 


Executives  -  this  will  be  both  the  most 
important  and  the  most  difficult  group 
of  users  to  educate.  They  are  most 
important  because  executive  support 
means  better  funding  for  security  pro¬ 
grams,  an  easier  time  developing  nec¬ 
essary  security  components,  and  more 
ability  to  motivate  the  rest  of  the 
enterprise.  On  the  other  hand,  execu¬ 
tives  will  have  less  time  and  attention 
to  devote  to  security  education,  and 
will  be  less  subject  to  motivation  from 
the  security  organization. 

Security  and  IT  administration  -  these 
employees  have  specific  security 
responsibilities,  and  will  probably 
require  individualized  training. 
However,  they  still  need  to  see  the 
user  training,  so  that  they  can  undt : 
stand  how  the  users  view  the  security' 


organization  and  what  will  be 
expected  of  them. 

General  users  -  the  majority  of  the  popu¬ 
lation,  will  need  to  know  how  they 
fit  into  the  security  system,  what 
their  responsibilities  are,  and  where 
they  can  turn  for  help. 

Venue 

There  are  a  number  of  ways  to  get  the  mes¬ 
sage  across,  depending  upon  the  culture  of 
your  organization  and  the  level  of  manage¬ 
ment  support  (and  budget)  for  security 
awareness.  You’ll  probably  select  more  than 
one  of  these  methods  to  use  for  different 
groups  and  to  ensure  that  everyone  receives 
the  message  more  than  once. 

The  most  obvious  venue  is  the  classroom, 
but  it  can  also  be  one  of  the  most  expen¬ 
sive.  Consider  distance-learning  options 
such  as  online  courses  to  reduce  costs.  For 
executives,  individual  sessions  may  be  nec¬ 
essary  to  accommodate  a  busy  schedule  - 
and  try  to  incorporate  demos  in  these  ses¬ 
sions  in  order  to  engage  the  executive.  And 
don't  forget  the  rest  of  the  program:  direct¬ 
ed  messages  (e.g.,  mass  emails  or  articles  in 
newsletters),  town  meetings,  and  all  the 
corner-of-the-eye  items  that  keep  security  in 
your  employees’  minds. 

Remember  that  security  awareness  is  not  a 
single-shot  issue.  You’ll  have  to  continually 
remind  your  employees  of  their  responsibil¬ 
ities,  and  periodically  refresh  the  training 

Content 

Of  course  the  message  you’re  trying  to 
communicate  includes  the  portions  of  the 
security  policies  and  procedures  that  apply 
to  the  audience.  But  there  should  probably 
be  more,  even  in  a  classroom  course.  Your 
employees  should  feel  that  they’re  a  part  of 
the  system,  and  that  they  know  enough  to 


be  helpful,  so  they  need  to  have  an 
overview  of  information  security.  The 
course  also  needs  to  be  relevant  and  inter¬ 
esting  if  you  expect  them  to  retain  the 
information,  so  including  elements  that  can 
be  used  at  home  (e.g.,  how  to  protect  their 
children  from  online  predators)  would  be 
not  only  civic-minded,  but  also  productive. 
Security  is  a  contract  between  the  provider 
and  your  employees.  The  awareness  pro¬ 
grams  outline  the  responsibilities  and  the 
terms  of  this  contract. 


Testing 

There  are  people  who  claim  that  no  course 
is  complete  without  a  comprehensive  test.  I 
don’t  happen  to  believe  that,  but  testing  can 
be  a  good  way  to  make  sure  the  material 
was  delivered,  especially  if  an  online  course 
is  used.  At  the  very  least,  each  employee 
should  sign  a  statement  saying  that  she/he 
has  seen  and  understands  her/his  security 
responsibilities.  I  recommend  that  any  tests 
be  “open  book,”  since  you’re  trying  to  test 
awareness  and  the  ability  to  find  informa¬ 
tion  when  it’s  needed. 

Conclusion 

I’ve  tried  to  show  some  of  the  components 
of  a  good  security  awareness  program,  but  1 
make  no  claim  that  this  is  an  exhaustive  list. 
Like  any  program,  continual  improvement  is 
necessary  to  keep  it  vital  and  targeted,  and 
the  best  way  to  make  it  effective  is  to  use 
the  feedback  from  the  participants.  Help 
your  employees  understand  the  security 
goals  and  threats,  so  that  they  can  help  pre¬ 
vent  and  detect  incidents. 

This  is  the  real  goal  of  the  security  aware¬ 
ness  program:  transforming  the  employees 
from  a  sea  of  possible  security  holes  into 
an  integral  part  of  the  security  system, 
actively  involved  in  the  monitoring  and 
escalation  process. 


SHAPING  YOUR  NETWORK 


IP  switches  deliver  broadband  over  cable 


■  BY  HOLLAND  YOUNG 

Todays  broadband  options  include  stan¬ 
dard  T-l  services,  DSL  or  access  to  Ethernet- 
based  metropolitan-area  networks.  T-l  ser¬ 
vices  can  be  pricey,  DSL  isn’t  available 
everywhere,  especially  if  your  location  is 
too  far  away  from  the  central  office,  and 
metropolitan  Ethernet  is  limited  to  major 
cities. 

A  new  technology  is  making  it  possible 
for  companies  to  obtain  dedicated,  IP- 
based  broadband  connections  over  stan¬ 
dard  coaxial  cable  lines. 

Typical  cable  networks  have  several 
limitations  that  make  them  unsuitable 
for  corporate  access.  Bandwidth  is 
shared  among  end  users,  which  means 
service  slows  drastically  during  periods 
of  peak  usage.  The  cable  architecture 
also  forces  each  user  to  wait  for  permis¬ 
sion  to  transmit,  causing  latency  that  is 
problematic  for  telephone  conversa¬ 
tions,  video  transmissions  or  other  real¬ 
time  services.  Until  now,  cable  operators 
could  only  offer  “best-effort"  service  in 
the  1M  to  3M  bit/sec  range,  which  may 
be  a  reasonable  solution  for  home  users, 
but  corporations  depend  on  reliable, 
robust  connectivity  to  enable  routine 
daily  business  communications. 

The  one  advantage  of  cable  is  that  the 
hybrid  fiber  coaxial  (HFC)  network  is 
ubiquitous  in  the  U.S.  During  the  past  few 
years,  operators  have  upgraded  their  HFC 
networks,  reducing  the  number  of  cus¬ 
tomers  on  a  given  fiber  node,  improving 
performance  and  increasing  bandwidth 
jcapability 

In  combination  with  the  upgraded  HFC 
plant,  new  technology  lets  cable  operators 


provide  dedicated  bandwidth  to  each 
enterprise  subscriber.  With  this  system, 
each  company  is  allotted  its  own 
switched,  dedicated  IP  connection  that  is 
scalable  from  5M  to  40M  bit/sec  down¬ 
stream  and  500K  to  8M  bit/sec  upstream. 

As  bandwidth  is  “locked  up”  for  each 
user,  it  is  available  to  that  user  in  the  same 
manner  that  a  T-l  is  dedicated  to  a  user  24 
hours  a  day  7  days  a  week. 

The  dedicated  IP  channel  system  con¬ 
sists  of  an  IP  switch  router  located  at  the 
cable  system  head-end  facility  and  a  gate¬ 
way  IP  router  located  at  the  customer 
premises. This  requires  no  changes  to  the 
HFC  network  and  therefore  no  capital 
expenditures  to  pass  on  to  the  subscriber. 


The  heart  of  this  service  delivery  plat¬ 
form  is  the  switch  router  that  resides  at  the 
cable  system  head  end.  The  device  inter¬ 
faces  with  the  cable  system  routers  and 
switching  systems  for  data,  voice  and 
video  services  via  Gigabit  Ethernet.  From 
there,  it  delivers  IP  packets  over  the  cable 
plant  to  enterprise  subscribers  utilizing 
Quadrature  Amplitude  Modulation. 

At  the  enterprise  location,  an  access 
gateway  demodulates  the  transmissions 
and  extracts  the  IP  packets,  delivering 
them  to  users  via  100Base-T  Ethernet. 
The  system  is  designed  to  support 
Internet  access  and  all  WAN  traffic, 
including  e-mail  and  mission-critical 
applications. 


■  HOW  IT  WORKS 


Broadband  over  cable 

Advances  in  hybrid  fiber  coaxial  network  architec¬ 
ture  let  cable  operators  offer  dedicated  broadband 
connections  to  enterprise  customers. 


I  Cable  system’s  routers  and  switches  connect 
to  IP  switch  router  over  Gigabit  Ethernet  link. 

Distribution  hub 


© 


Router  delivers  IP  packets 
to  optical  transciever. 


rS?i 


E 


Gigabit  Ethernet 

M 

Switch  router 


IP  switch  router 


© 


Optical  transceiver  uses  Quadrature 
Amplitude  Modulation  to  transmit  IP  packets 
over  the  cable  network's  fiber  at  dedicated 
speeds  of  5M  to  40M  bit/sec  downstream. 


Optical  Optical  node 
transceiver 


IP  gateway  router  demodulates 
the  transmission,  extracts  the  IP 
packets  and  delivers  them  to  the 
end  user  over  Fast  Ethernet  links. 
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IP  router 

End-user  gateway  in 
office  building 


The  switch  router  provides  IP  quality  of 
service  (QoS)  and  traffic  management 
capabilities  based  on  industry-standard 
mechanisms  such  as  Differentiated  Serv¬ 
ices  and  Multi-protocol  Label  Switching. 
Because  the  switch  router  combines  IP 
QoS  with  a  transport  technology  that  pro¬ 
vides  deterministic  bandwidth  between 
network  and  customer  premises,  there  is 
no  need  to  implement  latency-causing 
extensions  that  focus  on  arbitrating  shared 
bandwidth.  By  leveraging  the  Internet 
Engineering  Task  Force  QoS  standards, 
traffic  flows  are  handed  off  seamlessly 
from  the  backbone  to  the  network  edge, 
across  the  last  mile  and  to  the  customers 
physical  interface  using  a  common  QoS 
signaling  protocol. 

With  this  level  of  bandwidth,  enterprise 
services  such  as  videoconferencing, 
remote  security  monitoring,  off-site  back¬ 
up, VPN  and  voice-over-IP  service  are  pos¬ 
sible.  Dedicated  bandwidth  eliminates 
the  latency  inherent  in  contention-based 
architectures,  improving  QoS  and  en¬ 
abling  telephone-company-grade  service- 
level  agreements.  Network  reliability  is 
maintained,  as  the  switch  router  is  a  car¬ 
rier-class  design  with  99.999%  reliability 
including  automatic  failover  to  standby 
modules. 

Bandwidth  is  also  dynamically  scal¬ 
able  by  the  operator  at  any  time  and 
can  be  increased  up  to  40M  bit/sec  to 
match  the  changing  needs  of  enterprise 
subscribers. 

Young  is  vice  president  of  customer  oper¬ 
ations  at  Advent  Networks  in  Austin,  Texas. 
He  can  be  reached  at  hyoung@adventnet 
works.com,  www.advent.net. 


Dr.  Internet 


By  Steve  Blass 


We  installed  a  Web-based  search  engine  service 
on  our  Web  site.  Now  we  want  to  install  one  for 
our  intranet  and  the  confusion  begins.  The  tech¬ 
nical  staff  says  it  is  not  possible  because  of  our 
firewall.  Can  we  install  a  search  engine  for  our 
intranet?  If  the  firewall  prevents  it  how  can  we 
override  it? 


Your  IT  guys  may  be  right  about  Web-based 
search  service  spiders  not  being  able  to  see 
through  your  firewall.  However,  there  are  many 


intranet  search  products  for  installation  in  your 
network.  These  products  range  from  freeware 
scripts  to  enterprise  solutions  from  search 
engine  leaders.  The  site  www.actionsearch. 
com/howtoinstall.htm  lists  a  number  of  search 
engine  tools  you  can  find  to  build  a  search 
engine  inside  the  firewall.  The  site  www.search- 
tools.com  has  information  about  choosing  and 
implementing  intranet  search  engines. 
Commercial  tools  range  in  price  from  low  to 
through  the  roof.  Implementing  an  open  source 


product  requires  talented  time  and  effort. 

What  you  choose  depends  on  your  business 
case  for  implementing  intranet  searches.  A 
stopgap  workaround  to  consider  using  wnile 
you  sort  out  what  to  do  is  to  provide  site  map 
links  on  your  intranet  pages  for  hierarchical 
site  navigation. 

Blass  is  a  network  architect  at 
Change@Work  in  Houston.  He  can  be  reached 
at  dr.internet@changeatwork.com. 
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Gost-efFective  network  management 


How  much  do  you  expect  to  spend  on 
network  management  tools? 
$50,000?  $100,000?  These  are  the  sort 
of  figures  that  usually  are  quoted  for  seri¬ 
ous  network  management  software,  yet,  as 
many  people  will  attest,  getting  your 
money’s  worth  out  of  such  an  investment 
can  be  difficult. 

This  is  because  the  top-end  suites  are 
huge!  Not  only  is  the  implementation  time- 
consuming,  the  ambitious  scale  of  many 
suites  is  far  beyond  what  network  man¬ 
agers  really  need. 

The  above  is  all  to  introduce  a  tool  we’ve 
just  had  some  serious  fun  with  called 
WhatsUp  Gold  from  Ipswitch  (www. 
ipswitch.com). 

WhatsUp  Gold  (nope,  there  is  no  silver  or 
bronze)  is  a  network  management  tool 
that  includes  active  discovery  of  devices 
and  device  identification,  monitoring  of 
services  by  TCP  and  User  Datagram 
Protocol  (UDP),  SNMP  trap  monitoring, 
multiple  interface  support,  customizable 


Web  interface,  dependency  checking,  text- 
to-speech  notification  and  extensive 
reporting.  And  all  this  for  $800. 

It  can  do  pretty  much  everything  you 
need  in  the  way  of  network  management 
short  of  the  exotica  offered  by  the  big  boys’ 
tools  (which  many  of  you  tell  me  you 
aren’t  overpleased  with  anyway). 

So  what  is  WhatsUp  Gold  all  about?  It  can 
be  installed  on  any  version  of  Windows 
greater  than  95, and  it  is  a  simple  and  pain¬ 
less  process.  The  manual  is  well-written 
and  comprehensive  (and  as  intrinsically 
dull  as  only  a  good  manual  can  be). 

Once  it  is  up  and  running  you  can  create 
a  new  network  map  by  adding  devices 
individually  or  using  the  autodiscovery  fea¬ 
ture.  The  latter  populates  the  map  by  sur¬ 
veying  your  network  using  SNMP  Internet 
Control  Message  Protocol,  your  Windows 
Network  Neighborhood,  local  Windows 
registry  entries  and  local  “hosts”  file,  and  by 
TCP/UDP  searches  for  specific  services 
(such  as  HTTP  and  FTP). 

You  can  add  optional  links  between 
devices  and  links  for  passive  devices  such 
as  hubs.Then,voila,you  are  ready  to  roll. 

Another  neat  feature  is  the  ability  to 
define  a  device  and  then  use  the  built-in 
traceroute  service  to  create  a  map  of  all  the 
hops  leading  to  it.  Way  cool.  You  can  also 
set  WhatsUp  Gold  to  poll  the  devices  in  the 


map  on  a  schedule,  and  automatically  dis¬ 
cover  new  devices  as  they  appear. 

In  display  and  edit  mode,  devices  are 
shaped  and  color-coded  according  to  their 
status  (in  keeping  with  the  overall  config¬ 
urability  of  the  product’s  interface, you  can 
change  the  colors  and  icons  as  you 
please). 


GEARHEAD  RATING 


Ipswitch 
WhatsUp  Gold 


1  =  a  w  f  u  I , 

10=insanely  great 


Other  views  of  the  network  include  a 
detailed  list  of  the  statistics  of  each  device, 
a  log  of  outstanding  notifications  (every 
device  can  have  notifications  associated 
with  going  down,  coming  up,  response 
thresholds,  SNMP  traps  and  so  on)  or  a  sta¬ 
tus  display 

This  latter  display  raises  one  of  my  few 
complaints  about  the  product:  It  is  amaz¬ 
ingly  ugly  and  full  of  grunged,  truncated 
text.  A  minor  issue  nonetheless. 

You  can  set  notifications  to  occur  by 
sounds  (“oh-gah,  oh-gah”  for  example), 
e-mail,  pager,  beeper,  Winpopup  or  voice-to- 
text  (in  our  office  we  now  have  a  sepul¬ 


chral,  godlike  voice  announcing  major  sta¬ 
tus  changes  that  seems  to  get  serious  atten¬ 
tion  from  the  slaves  who  man  the  networks 
here). 

Another  view  is  dependencies  —  you 
can  define  one  device  as  being  dependent 
on  another  so  the  dependent  device  is 
polled  only  if  the  “superior”  device  fails  to 
respond.  For  complex  networks  this  signifi¬ 
cantly  reduces  the  polling  traffic  and  the 
polling  interval  that  can  be  used. 

What  we  really  liked  was  the  Web  inter¬ 
face.  WhatsUp  Gold  has  a  built-in  Web 
server  (with  a  configurable  port)  and  a 
templating  system  that  you  can  change  to 
create  custom  management  views  and  re 
ports.  The  templates  are  based  on  a  sim¬ 
ple  scripting  language  that  includes  con¬ 
ditionals  and  loops. 

If  you  try  out  or  buy  the  product  make 
sure  you  look  at  the  custom  Web  templates 
on  the  Ipswitch  site  —  they  are  for  Internet 
Explorer  clients  only  but  far  nicer  to  use. 

We  could  go  on  at  length  about  this  prod¬ 
uct  but  you  really  need  to  try  it  out.  It  is 
robust, flexible, customizable  and  fast  —  an 
excellent  value  for  the  money  Much  better 
than  spending  $50,000,  eh?  We  award 
WhatsUp  Gold  nine  gearteeth  out  of  10. 


Send  your  savings  to  gearhead@gibbs 
.com. 


Quick  takes 
on  high  tech  toys 

By  Keith  Shaw 


The  Express  Network  launched  in 
January  and  coverage  has  been  expand¬ 
ing  since. Verizon  says  it’s  not  available  on 
one-third  of  its  nationwide  network. 


Verizon  launches  IX  phone 

Verizon  Wireless  and  LG  InfoComm  have  launched  the 
VXl,a  3.8-ounce  mobile  phone  that  connects  to  Verizon’s 
new  Express  Network.  The  Express  Network,  which  runs 
on  Code  Division  Multiple  Access  1XRTT  technology,  pro¬ 
vides  data  speeds  of  up  to  144K  bit/sec,  with  an  average 
data  transmission  of  between  40K  and  60K  bit/sec. 

The  VX1  connects  to  the  higher-speed  net¬ 
work  via  Verizon’s  Mobile  Office  con¬ 
nectivity  kit,  which  costs  $80.  The 
Mobile  Office  kit  includes  a  Universal 
Serial  Bus  (USB)  data  cable  and  soft-  ’ 
ware  to  connect  the  phone  to  your  lap¬ 
top,  along  with  installation  software. 

The  phone  is  a  clamshell  design,  with 
a  second  LCD  display  on  the  outside  of 
the  phone  that  lets  you  see  incoming 
calls,  battery  and  signal  strength, and  date 
and  time  without  opening  the  phone. The 
phone  also  features  a  Wireless  Application 
Protocol  browser  (which  runs  off  the  lower- 
speed  data  network);  about  110  hours  of 
standby  time  and  180  minutes  of  talk  time; 

199-name  phone  book  with  six  numbers  per 
name; a  scheduler;  CMX  MIDI  ringer;  and  two 
games.The  phone  costs  $200  and  is  available 
online  at  www.verizonwireless.com. 


Magnetic  stripe  card 
reader  for  the  iPaq 

Semtek  recently  launched 
its  iSwipe,  a  magnetic  stripe 
card  reader  for  Compaq  iPaq 
handhelds. With  the  iSwipe,  an 
iPaq  connected  with  a  wire¬ 
less  modem  can  become  a 
mobile  credit  card  processing  terminal. 

According  to  Semtek,  a  waiter  in  a  restaurant  can 
accept  payment  at  the  table  instead  of  having  to  return  to 
a  central  location.  In  a  retail  setting,  payments  can  be 
made  while  customers  wait  in  line. 

The  iSwipe  clips  on  to  the  bottom  of  the  iPaq,  allow¬ 
ing  for  the  expansion  slots  (such  as  a  wireless 
modem)  to  be  used.lt  uses  minimal  power  from  the 
host  iPaq,  remaining  in  “sleep”  mode  when  not  in 
use.  When  a  card  is  swiped  through  the  reader, 
data  on  the  card  is  decoded  and  transferred  to 
the  handheld’s  database.  Semtek  says  it  has 
partnerships  with  third-party  credit  card¬ 
processing  services. 

Pricing  hasn’t  been  announced.  More 
information  is  at  www.semtek.com. 


sionals,  engineers,  architects, 
desktop  publishers  and  video 
editors.The  monitor  can  display 
two  standard  pages  of  text  side 
by  side,  Planar  says. 

It  has  a  UXGA  resolution, which 
measures  1,600  by 
1,200  pixels.  Add¬ 
itional  features  in¬ 
clude  a  160<iegree 
viewing  angle,  ana- 
.  log  and  digital 
video  inputs,  a  USB 
hub  and  on-screen 
controls.The  display 
also  comes  bundled 
with  Benwin  GX-6A  mul¬ 
timedia  speakers,  flat-panel  satellite  speakers  and  a  pow¬ 
ered  subwoofer.  More  information  on  the  monitor  and 
Planar’s  other  systems  is  available  at  www.planar.com. 


Planar  Systems'  flat-panel 
monitor  can  display  two  standard¬ 
sized  test  pages. 


The  iSwipir 
lets  waiters  approve  credit 
card  transactions. 


Going  large  with  your  flat-panel 
monitor 

Sometimes  you  just  have  to  splurge.  If 
your  company  is  in  a  giving  mood,  have 
them  buy  you  a  $3,600,  23.1-inch,  flat- 
panel  monitor  from  Planar  Systems.  The 
company  just  launched  the  monitor  and  is 
targeting  the  product  at  financial  profes- 


Toshiba  launches  an  entry-level  Pocket  PC 

Toshiba’s  Computer  Systems  Group  has  announced 
availability  of  the  Pocket  PC  e310,a  $400  color  PDA  aimed 
at  first-time  PDA  buyers  or  value-conscious  buyers  look¬ 
ing  for  a  device  beyond  personal  information  manager 
functionality 

The  e310  runs  on  the  Pocket  PC  2002  operating  system; 
weighs  less  than  5  ounces;  has  a  3.5-inch,  high-resolution, 
64,000-color  display;  USB  cradle  and  integrated 
SecureDigital  expansion  slot.  Bundled  software  includes 
Pocket  Word,  Ftocket  Excel,  Pocket  Internet  Explorer, 
ActiveSync  and  Fbcket  Media  Player.  The  device  comes 
with  32M  bytes  of  both  RAM  and  ROM,  and  runs  on  an 
Intel  StrongArm  206-MFlz  processor. 

Go  to  www.csd.toshiba.com  for  more  information. 


Shaw  can  be  reached  at  kshaw@nww.com. 


Only  a  Xerox  Document  Centre®  shifts  your  office 
into  overdrive.  It  prints,  copies,  faxes,  scans  and  e-mails 
like  no  other.  Saving  you  time  and  money. 
There’s  a  new  way  to  look  at  it. 


Performance  proves  it.  Top  companies  know  it. 

That’s  why  86%  of  Fortune  500®  companies  rely 
on  Document  Centre  Multifunction  systems  to  save 
them  time  and  money*  Our  unique  design  provides 


maximum  network  performance.  The  result  is  cost¬ 
crunching  productivity  that  puts  your  business  way 
ahead  of  the  pack.  To  find  out  how  we  can  save 
your  business  time  and  money,  get  in  touch  today. 


Visit:  www.xerox.com/vroom  Call:  1-800-ASK-XEROX  ext.VROOM 


The  Document  Company 

XEROX 


•Certain  Document  Centre  features  are  optional  ©2002  XEROX  CORPORATION.  All  rights  reserved.  XEROX* The  Document  Company?  Document  Centre*  and  There's  a  new  way  to  look  at  it  are  trademarks  of  XEROX  CORPORATION 


NetworkWorld 


5/6/02 


EDITORIAL 

John  Gallant 

Big  names  line 
up  for  broad¬ 
band  debate 

First,  the  good  news:  SBC  Communications  and 
DlRECWAY,the  leading  DSL  and  satellite  Internet 
providers,  respectively  will  participate  in  Network 
World’s  Broadband  Showdown  at  SuperComm  in  June. 
What’s  more,  WorldCom  came  forth  unchallenged  to  repre¬ 
sent  the  fixed  wireless  world  in  this  debate  among  suppli¬ 
ers  of  the  most  important  broadband  access  technologies. 
Now  the  bad  news:  AOL  Time  Warner  won’t  show  its  face. 
Don’t  ask  me  why  Despite  repeated  invitations,  AOL 
Time  Warner  —  the  top  provider  of  cable  modem  service 
—  said  only  that  it  will  not  get  up  on  stage  with  its  rivals. 
No  explanation  offered. 

Network  World  has  run  almost  20  of  these  presidential- 
style  debates  since  1995  on  topics  ranging  from  operating 
systems  to  frame  relay. Time  and  again,  the  leading  vendors 
have  quickly  agreed  to  the  tough  job  of  debating  one  an¬ 
other.  They  believe,  as  we  do,  that  it’s  their  responsibility  to 
share  information  with  customers  and  to  bring  important 
issues  to  light.  An  informed  customer  is  a  better  customer. 

I  can  count  on  one  hand  the  number  of  vendors  that 
have  said  no  to  a  Showdown  but,  sadly  AOL  Time  Warner 
now  joins  that  less-than-illustrious  group  of  naysayers.  As  1 
said,l  have  no  explanation.  But  I  encourage  you  to  con¬ 
tact  the  company  to  see  if  you  can  get  an  answer.  Let 
them  know  you’re  disappointed. 

AOL  Time  Warner’s  decision  to  lay  low  opens  the  door 
for  AT&T  Broadband,  the  No.  2  cable  modem  provider 
and  our  new  invitee  to  the  June  5  Showdown  (for  more 
information  on  the  session,  go  to  www.supercomm2002. 
com).  We’ve  asked  AT&T  to  send  a  top  executive  to  join 
in  the  Showdown,  and  we’ll  be  pleased  to  have  the  com¬ 
pany  on  board. 

For  now,  please  welcome  these  excellent  speakers  to 
the  debate. SBC  is  sending  Chris  Rice, senior  vice  presi¬ 
dent  of  network  planning  and  engineering,  while 
DIRECWAY  sends  Peter  Gulla,  vice  president  of  consumer 
sales  and  marketing.  WorldCom’s  representative  will  be 
Joe  Brooks,  vice  president  of  sales  and  market  develop¬ 
ment  for  broadband  solutions. 

These  executives,  along  with  AT&T  Broadband’s  repre¬ 
sentative,  will  debate  the  merits  of  cable,  DSL,  fixed  wire¬ 
less  and  satellite  broadband  options  for  businesses  and 
consumers.  We’ll  talk  pricing,  availability, support  and  lots 
more. This  will  be  a  true  debate  with  no  scripted  ques¬ 
tions  and  no  PowerPoint  slides. 

I  hope  you’ll  send  questions  and  mark  the  date. 

To  SBC.  WorldCom  and  DIRECWAY,  I  offer  my  congratu¬ 
lations  on  taking  the  Showdown  challenge.To  AOL  Time 
Warner,  1  say:  Why  won’t  you  show? 

—  John  Gallant 
Editorial  director 
jgallant@nww.  com 


www.nwfusion.com 


No  guarantees 

Regarding  “Variations  on  a  VPN  theme”  (www.nwfu- 
sion.com,  DocFinder:  9224): There  is  nothing  private 
about  Multi-protocol  Label  Switching  —  it  is  no 
more  secure  than  frame  relay  X.25  or  a  leased  line. 
Just  because  you  can’t  see  the  cable  or  it’s  locked  up 
in  a  service  provider’s  equipment  room  does  not 
guarantee  privacy 

MPLS  offers  a  virtual  networking  solution,  but  is 
not  a  VPN  in  the  traditional  sense.VPNs  are  generally 
understood  to  have  end-to-end  security,  not  just  the 
bit  in  the  middle.  Sure,  I  can  have  quality  of  service 
and  so  on,  but  as  an  end  user  I  can  negotiate  quali¬ 
ty  of  service  or  service  levels  with  many  providers 
and  use  their  networks  to  provide  QoS  and  run  my 
VPNs  over  their  IP  backbones.The  fact  that  they  may 
be  using  MPLS  in  the  middle  is  completely  irrelevant 
to  me  as  a  user.  I  just  want  connectivity  and  perfor¬ 
mance.  If  they  can  guarantee  that,  I  don’t  care  what 
technology  they  use.  I  can  secure  my  communica¬ 
tions  over  their  networks  and  anyone  else’s  my  data 
passes  through. 

Bob  Brace 
Scotts  Valley,  Calif. 

SIP  is  lagging 

Regarding  “IP  telephony  talk  zeroes  in  on  SIP” 
(www.nwfusion.com, DocFinder:  9225):  I  take  excep¬ 
tion  to  the  statement  that  Session  Initiation  Protocol 
is  interoperable.  Having  used  and  developed  H.323 
and  SIP  in  my  company’s  networks, I  can  tell  you  that 
SIP  is  still  several  years  behind  H.323  in  interoper¬ 
ability  and  that  any  of  the  features  found  in  SIP  are 
available  in  H.323. 

SIP  lags  in  basic  dual-tone  multifrequency  hand¬ 
ing,  interoperability  testing,  control  systems  and 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  II 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  aerification. 


deployments.  Its  strongest  appeal  is  that  the  initial 
programming  can  be  done  using  text  fields  instead 
of  binary  fields,  which  makes  it  easier  for  less-expe¬ 
rienced  programmers  to  get  a  basic  demonstration 
voice-over-IP  application  running. 

Interested  readers  can  find  a  fair  and  accurate 
technical  comparison  of  H.323  and  SIP  at  Packet- 
izer’s  Web  site  (www.packetizer.com/iptel/h323 
_vs_sip/).  Also,  OpenSource  commercial  stacks  for 
H.323  and  SIP  are  available  at  the  OpenH323  Pro¬ 
ject’s  Web  site  (www.openh323.org). 

Stacey  Reineccius 
President 
Quicknet  Technologies 
San  Francisco 

Pockey  fan 

Regarding  your  Cool  Tools  item  on  the  Pockey 
portable  hard  drive  (www.nwfusion.com,  DocFin- 
der:  9226):  I  have  been  using  a  20G-byte  Pbckey 
drive  since  last  July  and  am  very  happy  with  its  per¬ 
formance.  I  bought  it  after  repeated  bad  experi¬ 
ences  with  three  different  internal  Jaz  drives  in  my 
SCSI  300-MHz  Pentium  2,  which  runs  under  Win¬ 
dows  98.  After  I  bought  a  2-GHz  ATA  Pentium  4  run¬ 
ning  Windows  XR 1  used  the  Pockey  drive  to  copy 
files  from  the  old  computer  to  the  new  one.  In¬ 
stalling  the  Pockey  was  a  snap  on  both  machines. 

I  originally  bought  the  Pbckey  drive  because  the 
hard  drive  in  my  old  computer  was  crammed  full.  I 
thought  that  it  would  be  better  to  get  an  expansion 
drive  that  I  could  use  with  any  computer  that  has  a 
Universal  Serial  Bus  port,  rather  than  spend  big 
bucks  to  put  another  SCSI  drive  in  the  old  machine. 
So  far,  this  has  proved  to  be  a  good  decision  and 
the  Pockey  has  proved  to  be  a  good  purchase. 

Dan  Chain 
CEO 

ATRIA  Architects 
.  Cheshire,  Conn. 
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INTRANET  ADVISER 

Daniel  Blum 


icrosoft  has  come  full  circle  on  how 
much  consolidation  is  possible  when 
moving  from  Windows  NT  4  to  Active 
Directory 

In  the  early  days  of  Windows  2000,  Microsoft 
generally  recommended  consolidating  multi¬ 
ple  NT  4  domains  into  one  Active  Directory 
domain  —  or  if  that  was  not  possible,  into  a  single  forest  or  collection 
of  domains.  Consolidation  brings  many  benefits,  including  reducing 
the  number  of  sign-ons  for  users  and  simplifying  administration  of 
users,  computers  and  applications. 

Microsoft  initially  advertised  that  the  domain  is  the  “security  bound¬ 
ary  Each  business  unit  in  a  company  could  appoint  its  own  domain 
administrators  who  would  control  user  administration  and  security 
administration.  By  implication, you  could  have  very  large  forests  while 
preserving  the  security  and  autonomy  of  each  domain. 

1  was  a  single-forest  skeptic  from  the  start,  insisting  that  customers 
always  work  through  a  careful  analysis  of  the  benefits  of  single-forest 
consolidation  vs.  the  costs  and  risks  created  by  the  requirement  for 
much  closer  cross-business  unit  coordination  between  domain  and 
site  administrators  in  one  forest.  I  believed  that  mixing  intranet 
domains  with  extranet  domains,  or  other  highly  sensitive  domains, 
could  compromise  security.  Even  so,  1  was  not  skeptical  enough. 

Over  time,  Microsoft  has  backed  away  from  the  single-forest  concept, 
finally  publishing  this  past  winter  a  white  paper  disclosing  that  service 


Is  your  forest  burning? 


administrators  in  one  domain  can’t  be  isolated  from  other  domains  in 
the  forest.  Since  then,  Microsoft  has  done  a  security-threat  analysis.  It 
determined  that  a  serious  hacker’s  goal  is  to  gain  physical  access  to  a 
domain  controller, or  network  access  to  a  service  administrator  account. 

Microsoft  also  has  been  doing  disaster  planning.  Recently  it  wiped  out 
the  domain  controllers  on  its  entire  development  group  forest,  which 
serves  thousands  of  users,  and  tested  the  procedures  necessary  to  bring 
it  back  online.  And  at  Microsoft’s  recent  TechEd  conference,  a  speaker 
went  so  far  as  to  advise  large  companies  that  “if  you  don’t  have  a  single 
CIO, you  shouldn’t  have  a  single  forest.” 

The  trouble  is,  a  number  of  large  companies  are  at  risk  because  they 
have  deployed  or  plan  to  deploy  one  forest.  Not  all  of  these  companies 
have  a  single  CIO,  and  departments  that  bought  into  this  design  may 
not  have  been  aware  that  by  joining  a  domain  or  a  computer  to  a  for¬ 
est,  a  department  or  user  must  trust  the  hundreds  or  thousands  of  ser¬ 
vice  administrators  in  that  forest. 

Stay  tuned  to  www.microsoft.com/activedirectory  Microsoft  plans  to 
release  new  security  best-practices  recommendations  soon,  docu¬ 
menting  the  procedures  for  recovering  from  a  catastrophic  forest  fire. 
In  the  meantime,  if  you’re  a  distributed  company  with  islands  of  admin¬ 
istration  and  planned  a  single  forest,  it’s  back  to  the  drawing  board. 


[Microsoft]  deter 
mined  that  a 
serious  hacker's 
goal  is  to  gain 
physical  access 
to  a  domain 
controller .... 


Blum  is  senior  vice  president  and  research  director  with  The  Burton 
Group,  an  integrated  research,  consulting  and  advisory  service.  He  can  be 
reached  at  dblum@burtongroup.com. 


REALITY  CHECK 

Thomas  Nolle 


'  ou’ve  heard  about  how  the  regional  Bell 
operating  companies  are  getting  ready 
to  enter  the  long-distance  market?  Well, 
get  ready  for  the  next  development.  The 
interexchange  carriers  —  or  at  least  World- 
Corn’s  MCI  unit  —  are  getting  ready  to  enter 
the  local  exchange  arena.  Does  this  mean 
competition  in  the  local  loop, or  are  we  about  to  get  dazzled  by  another 
blinding  hype  explosion?  Both,  as  it  happens. 

WorldCom’s  plan  is  to  become  a  national  provider  of  consumer 
communications  services  at  one  price  for  unlimited  local  and  long¬ 
distance  calls. “The  Neighborhood”  differs  from  other  calling  plans  in 
that  it  has  no  restrictions  on  who  is  called  (no  “AT&T  customers  only”) 
and  includes  local  phone  services.  It  seems  clear  that  WorldCom  is 
responding  to  the  RBOC  threat  by  launching  a  threat  of  its  own. 

Whether  it’s  anything  other  than  posturing  may  be  another  matter.The 
Neighborhood  primarily  is  based  on  wholesaled  RBOC  local  elements, 
not  new  buildout.  Whatever  your  politics,  you’ve  got  to  admit  that 
Federal  Communications  Commission  Chairman  Michael  Fbwell  has  a 
point  when  he  says  competition  isn’t  created  by  having  a  bunch  of 
companies  resell  the  goods  of  a  single  provider. WorldCom  is  still  lining 
the  RBOCs’  pockets  with  the  wholesale  revenue  of  the  local  parts  of  the 
service,  and  earns  only  the  spread  between  wholesale  and  retail  pric¬ 
ing  as  its  profit.  If  that’s  good  enough,  why  did  WorldCom  wait  so  long 
to  enter  the  space?There’s  nothing  in  the  deal  that  could  not  have  been 
offered  long  before. 

If  The  Neighborhood  doesn’t  say  much  for  WorldCom’s  interest  in 
becoming  a  full-service  carrier,  it  says  a  lot  about  the  marketplace. 

First,  here’s  an  IXC  admitting  that  it  can’t  build  out  competitive  local 
exchange  infrastructure.  In  addition, WorldCom  is  admitting  that  it  can’t 
do  a  cable  partnership  to  reach  local  exchange  customers.  Otherwise, 
why  deal  with  the  RBOCs?  Do  you  want  real  facilities  competition  to 
the  RBOCs?  “Pick  up  a  cell  phone”  is  the  message  of  this  deal. 

And  that’s  the  second  lesson  of  The  Neighborhood:  If  you  want  to  be 
an  IXC, have  a  cellular/PCS  business. WorldCom  doesn’t  have  one, you'll 


Gan  the  IXCs  make  it  as 


recall. The  unlimited  local-plus-long-distance  plans  WorldCom  is  offer¬ 
ing  are  priced  similarly  to  the  wireless  “anywhere”  plans  of  competitors. 
While  The  Neighborhood  offers  unlimited  calling  while  wireless  limits 
the  number  of  minutes,  many  consumers  will  see  the  new  scheme  as 
competition  with  wireless,  but  without  the  convenience  of  mobility 

Speaking  of  competition,  could  it  be  that  all  the  media  hype  about 
“increasing  competition”  in  the  local  exchange  market  didn’t  mean 
empowering  legions  of  little  competitive  local  exchange  carriers,  but 
simply  creating  an  environment  where  three  IXCs  could  buy  and  resell 
local  service  elements  from  RBOCs?  Was  this  just  big  guy  vs.  big  guy  all 
along?  Darn  straight  it  was.  If  you  want  public  support  against  Goliath, 
send  a  David  and  not  another  Goliath  to  fight  him. 

To  look  beyond  the  industry  lessons,  though,  there’s  the  question  of 
whether  this  will  even  work  for  WorldCom.  The  plan  will  attract  only 
the  heavy  users.  Those  who  now  pay  less  than  the  $50  to  $60  per 
month  the  plan  costs  probably  will  not  be  interested.  Every  deal  done 
on  a  plan  like  this  will  save  the  customer  and  cost  WorldCom.  If  the 
other  IXCs  follow  WorldCom’s  lead,  their  similar  plans  will  also  cost 
them.“Neighborhood-like”  plans  are  likely  to  be  a  net  revenue  loss  for 
the  carriers. 

All  but  the  RBOCs,  that  is.  The  long-distance  revenue  they  can  steal 
from  the  IXCs  is  all  found  money  to  them,  and  The  Neighborhood 
means  only  that  the  RBOCs  might  find  a  bit  less  money  picking  IXC 
pockets  as  they  enter  the  long-distance  market.  It’s  probable  that  the 
WorldCom  folks  see  this  clearly. 

Why  launch  The  Neighborhood,  then?  What  else  can  WorldCom  do? 
Recently  its  stock  tanked  by  about  one-third  in  a  single  day.  WorldCom 
management  can’t  just  sit  by  and  let  the  decline  continue  un¬ 
answered.  Anyhow,  there  may  be  value  in  the  tactic  from  another 
angle:  Maybe  the  RBOCs  will  buy  WorldCom  to  shut  it  up. That’s  prob¬ 
ably  WorldCom’s  last  hope. 

Nolle  is  president  of  ClMl  Corp.,  a  technology  assessment  firm  in 
Voorhees,  N.J.  He  can  be  reached  at  (856)  753-0004  or  tno!le@cimi- 
corp.com. 


LEGS? 


If  The  Neighbor¬ 
hood  doesn't  say 
much  for  World- 
Corn's  interest  in 
becoming  a  full- 
service  carrier,  it 
says  a  lot  about 
the  marketplace. 
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Storage  in  every  size  and  width. 


The  difference  between  winning  and  losing  is  a 
little  thing  called  “storage”  And  the  winning  play 
is  integrated  storage  solutions.  Why?  Hardware 
and  software  that  fit  and  work  together  speed 
implementation.  They  allow  you  to  maximize  your 
current  infrastructure  investments  and  help  reduce 
risk.  IBM  Total  Storage™  solutions  are  complete, 
cross-platform  storage  offerings  that  cover  storage 
networking,  disk,  tape,  software  and  services.  For 
example,  IBM  NAS  gives  you  amazingly  scalable 
data  storage  that  fits  into  just  about  any  LAN -fast. 
IBM  FAStT  offers  some  of  the  highest  performance, 
most  affordable  midrange  disk  storage  available 
today.  Are  you  bent  on  winning?  You  can  test-drive 
any  IBM  storage  solution  at  one  of  over  140  IBM 
TotalStorage  Solution  Centers.  Find  out  where,  at 
ibm.com/totalstorage/solutions 
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Maybe  you're  not  seeing  enough 

of  the  Big  Picture. 


Running  a  network  today  is  like  keeping  tabs  on  every  bee  in  a  hive 
simultaneously.  Tough  to  do,  but  necessary.  That's  why  we  built  the 
OptiView  Network  Analysis  Solution.  It  gives  you  full  time  vision— 
whether  you're  out  troubleshooting  or  at  your  console  monitoring  the 
Big  Picture.  Everything  works  together  the  same  way.  Everytime.  It's 
a  feature  rich  scalable  tool  set  that  lets  you  analyze  all  your  net 
activity,  all  the  time.  Including  seven  layer  decodes.  Advanced  network 
discovery.  Remote  packet  capture  capability.  Monitoring  SNMP  devices 
and  RM0N2  traffic.  Local  and  remote  device  mapping.  And  more. 
It's  the  perfection  of  Network  Supervision.  For  more  info,  go  to 
www.flukenetworks.com/netanalysis  or  call  us  at  1-800-283-5853 
to  see  the  Big  Picture  on  the  only  network  that  counts.  Yours. 


c200?  Fluke  Networks.  Inc.  U.S.  (800)  283-5853.  Canada  (800)  363-5853.  Europe  (31  40)  2  675  200. 
Other  countries  (425)  446-4519.  All  rights  reserved,  www.flukenetworks.com  Ad  no.  01503 


Intero 

Labs 

Every  year  since  1986,  engineers  have  taken  off  their  vendor  hats 
and  come  together  at  NetWorld+Interop  to  create  a  multivendor, 
interoperability  test  bed  focusing  on  the  hottest  emerging  tech¬ 
nologies.  This  year,  Network  World  is  sponsoring  the  InteropNet  Labs 
and  we  sent  two  of  our  Global  Test  Alliance  partners  to  the  pre-stage  event  last  month  in 
California  to  participate  in  the  testing  and  to  report  on  their  findings. 

In  this  exclusive  package  of  stories,  Joel  Snyder  reports  on  the  first  public  interoperability  test¬ 
ing  of  the  802. lx  wireless  security  standard  and  on  the  world’s  largest  MPLS  interoperability  test 
(page  64).  In  addition,  Kenneth  Percy  reports  on  the  coming-out  party  for  a  new  category  of  prod¬ 
ucts  —  storage  devices  based  on  iSCSI,  the  new  standard  that  enables  storage  over  IP  (page  66). 
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iLabs  team  puts  802.1  x  standard  to  the  interoper¬ 
ability  test  and  brings  deployment  issues  to  light. 


with  wireless  LAN  security 


Insecurity  has  been  the  dirty  little  secret  Technologies  and  Wind  River;  two  802.1x  wired 


Cooking  up  an  802.1x  net 

Any  802.  lx  deployment  requires  five  compo¬ 
nents.  Supplicant  software  runs  on  the  device 
needing  authentication.  An  802.1x-compatible  net¬ 
work  adapter  also  is  required  on  the  client.  That 
sounds  simple,  but  while  most  supplicants  work 
with  most  network  adapters,  it’s  not  a 
given  by  any  means. 

The  supplicant  needs 
to  talk  to  an  authen- 

ticator,  such  as  a  JmgRfflpgS  £ 

wireless  access  stijs 

M  jfl|r  j 

LAN,  ,  '  /M 


switches  from  Cisco  and  HP  acting  as  authentica¬ 
tors,  and  five  Remote  Authentication  Dial-in  User 
Service  (RADIUS)  based  authentication  servers 
handling  the  802. lx  queries  from  Funk,  HP, 
Interlink  Networks,  Microsoft  and  Secure 
Computing  (see  diagram,  page  62). 

Overall,  we  found  that  while  802.  lx  design  and 
configuration  is  complicated  on  the  front  end, 
once  the  network  is  up  and  running,  interoperabil¬ 
ity  between  supplicants  and  authentication  servers 
is  pretty  good.  The  major  limitations  come  in  the 
area  of  authentication  methods  supported  and  in 
platform  support  for  different  operating  systems 
and  authentication  databases. 

This  iLabs  testing  is  not  inten¬ 
ded  to  be  a  comprehensive  inter¬ 
operability  test  encompassing  all 
the  802. lx  wireless  products  on 
the  market.  But  with  the  amount 
of  testing  we  did  complete,  you  / 

can  glean  quite  a  bit  of  wireless 
network  deployment  advice.  / 


holding  back  wireless  technology  in  large 
enterprise  networks. 


The  3-year-old  Wired  Equivalent  Privacy  (WEP) 
protocol  has  been  discredited  so  thoroughly  that 
its  authentication  and  encryption  capabilities  are 
not  considered  sufficient  for  use  in  enterprise  net¬ 
works.  In  response  to  the  WEP  fiasco,  many  wire¬ 
less  LAN  vendors  have  latched  onto  IEEE  802. lx 
standard  to  help  authenticate  and  secure  both 
wireless  and  wired  LANs.  The  wildcard  with 
802. lx  protocol  is  interoperability. 

In  our  testing,  which  accounts  for  the  first  public 
802. lx  interoperability  event,  we  evaluated  how 
well  the  various  pieces  of  a  wireless  network  work 
together  according  to  this  security  specification. 
All  told,  we  tested  five  802.  lx  supplicants  (client- 
side  software)  from  Cisco,  Funk  Software,  Hewlett- 
Packard,  Meetinghouse  Data  Communications  and 
Microsoft;  six  802.1  lb  wireless  access  points  from 
3Com,  Cisco,  Enterasys  Networks,  Karlnet,  Symbol 


Wireless  Testing  Tally 

Testing  goal:  Explore  wireless 
security  options  and  demon¬ 
strate  802.1x  interoperability. 
Products  tested:  40 


Fact  found:  Choosing  an 
authentication  method  is  a 
defining  decision  in  terms  of 
which  802.1x-based  products 
you  can  use  together  in  your 


wireless  network. 

Sport  most  resembling 
technology:  Horseshoes  — 
where  “close”  is  almost  as 
good  as  “touching.” 


switch. 

The  authentication  is  handled  by  an  authentication 
server,  normally  a  RADIUS  server  that  has  been  extended 
to  support  the  Extensible  Authentication  Protocol  (EAP). 
(See  www.nwfusion.com,  DocRnder:  9236,  for  a  primer 
on  this  protocol.)  Technically  it  doesn’t  have  to  be  a 
RADIUS  server  and  even  can  be  built  in  to  the  wireless 
access  point  on  the  low  end.  But  any  enterprise  sized 
wireless  deployment  is  going  to  have  a  RADIUS  server  as 
part  of  the  picture  because  it  centralizes  authentication 
and  it  scales  well. 

Finally,  the  authentication  server  has  to  talk  to  a  user 
database.This  could  be  a  list  of  users  and  passwords,  an 
Lightweight  Directory  Access  Protocol  (LDAP)-based 
directory  or  SQL  database,  or  digital  certificates  issued 
by  a  public-key  infrastructure  (PKI). 

In  building  the  802.1x  test  bed, you  have  to  get  the  right 
mix  because  not  every  piece  supports  every  option. Some 
RADIUS  servers  do  not  support  authentication  using  PKI- 
based  digital  certificates. 

Although  the  iLabs  experience  was  a  whirlwind  of 
wireless  integration  completed  in  a  very  short  period  of 
time,  it  provides  a  snapshot  of  the  current  state  of  the 
802.  lx  marketplace  in  terms  of  what  products  are  avail¬ 
able  and  how  well  they  work  together. 

Starting  with  the  supplicant 

The  choices  for  802.  lx  supplicant  software  are  pretty 
limited.  If  you’ve  made  the  jump  to  Windows  XP  or  the 
.Net  version  of  Windows  CE, you're  in  luck:  it’s  built-in. 
However,  for  other  platforms,  it’s  not  so  easy. 

Meetinghouse  and  Funk  have  Windows-based  802.  lx 
supplicants  for  pre-XP  Windows  operating  systems. 
Meetinghouse  also  offers  a  free  client  for  Linux.The 
Open  lx  team,  an  open  source  group  largely  based  at  the 
University  of  Maryland,  also  has  created  an  open  source 
802.  lx  supplicant  for  Linux,  with  Berkeley  Software 
Distribution  support  promised  in  the  future. 

As  an  interim  measure  to  full  802. lx  support  in  its 
product  line,  Cisco  has  created  a  nonstandard  version  of 
802. lx  authentication  called  Lightweight  EAP  (LEAP). 
LEAP  is  built  into  Cisco’s  wireless  drivers  that  run  on  its 


Aironet  adapters  and  is  built  in  to  its  access  points). 
These  are  available  on  most  Windows  platforms, 
Macintosh  and  Linux. 

Network  professionals  who  elect  to  go  with  LEAP  as  an 
interim  step  toward  802.  lx  shouldn’t  see  compatibility 
problems.  In  our  testing,  we  combined  LEAP  and  standard 
802. lx  using  the  same  RADIUS  server  without  problems. 

Another  issue  to  consider  when  selecting  your  suppli¬ 
cant  is  how  it  will  interact  with  the  authentication 
method  for  your  wireless  deployment.  Although  EAP  has 
more  than  a  dozen  authentication  methods  defined,  only 
four  are  commonly  used.  In  addition  to  Cisco's  LEAPthere 
are:  Message  Digest  5  (MD5),a  one-way  authentication  of 
supplicant  to  network  using  passwords; Transport  Layer 
Security,  which  uses  PKI-issued  digital  certificates  for 
strong  mutual  authentication;  and  Tunneled  TLS  (TTLS), 
which  combines  network-based  certificates  with  other 
authentication  such  as  tokens  or  passwords. 

In  the  iLabs,  we  tested  all  four  methods.  We  found  that 
while  Cisco’s  LEAP  doesn’t  offer  the  strongest  security,  it 
does  service  the  most  platforms  —  as  long  as  you  want 
to  buy  Cisco  Aironet  cards  for  your  laptops  and  desk¬ 
tops. 

MD5  authentication  is  the  simplest  to  set  up  and  config¬ 
ure,  but  also  suffers  from  the  weakest  security.  MD5 
authentication  only  applies  to  the  supplicant;  the  network 
is  not  authenticated. This  opens  your  network  up  to  man- 
in-the-middle  attacks.  In  this  regard,  MD5  is  so  suspect  that 
not  every  supplicant  and  authentication  server  supports 
it. While  hacking  802. lx  with  MD5  isn’t  easy  (because  it 
requires  physical  presence),  it’s  just  a  question  of  being 
closer  to  the  client  than  the  real  access  point. 

Unfortunately, selecting  anything  stronger  than  MD5 
means  you  need  some  sort  of  PKI  in  place  to  issue  cer¬ 
tificates.  In  the  iLabs,  we  jumped  this  hurdle  by  using 
the  built-in  Windows  2000  Server  certification  authority 

TLS  authentication  uses  digital  certificates  on  both  the 
authentication  server  and  the  supplicant  sides.TLS  is 
essentially  the  same  protocol  used  in  Web  servers  for 
“https:”  URLs,  also  commonly  used  in  secure  Simple  Mail 
Transfer  Protocol,  Post  Office  Protocol  and  Internet 
Message  Access  Protocol  services.  If  you’ve  already 


Serving  up  wireless 
security,  802.1x  style 


This  diagram  shows  how  the  802.1x  wireless  security  process  is 
supposed  to  work  and  advice  on  how  to  make  it  work  that  we 
gleaned  from  our  iLabs  wireless  security  testing. 


The  steps  to  802.1x  authentication 

Q  Wireless  client  sends  authentication  request  to 
either  wireless  access  point  or802.1x-enabled 
switch.  We  recommend  updating  your  NDIS 
drivers  to  make  this  happen  properly. 

Q  Wireless  access  point  or802.1x-enabled 
switch  repackages  authentication  request  to 
send  on  to  RADIUS  server.  Make  sure  your 
RADIUS  server  is  compatible  with  EAP  and 

802.1x  standards. 

0  RADIUS  server  examines  request  and  may 
proxy  the  request  to  another  server  or  consult 
an  authentication  database  directly.  Consult 
our  online  chart  (www.nwfusion.com, 
DocFinder9235)  outlining  which  RADIUS 
servers  support  which  authentication  methods 
and  back-end  databases. 

O  If  access  is  authenticated,  RADIUS  server 
informs  wireless  access  point  or802.1x- 

enabled  switch. 

(T)  Wireless  access  point  or802.1x-enabled 

switch  informs  client  of  access.  We 
recommend  checking  that  WEP  has  been 
actuated  at  this  point,  because  not  all  clients 
synchronize  properly. 


Authentication  databases  tGX{  fj|e 


bought  into  a  PKI  solution, TLS  authentication  in  802.  lx 
is  a  great  option. TLS  is  standards-based  and  uses  mature 
protocols.  In  our  TLS  demonstrations,  we  tested  clients 
with  certificates  on  different  supplicants  and  even  in  a 
new  HP  wireless  printer  that  supports  802. lx.  Everything 
worked  without  problems. 

If  you  don’t  want  to  issue  certificates  to  all  your  wireless 
users,  you  have  to  move  onto  TTLS  authentication. 

With  TTLS  authentication  it’s  easy  to  give  certificates  to 
your  authentication  servers,  because  you  have  so  few  of 
them.  So  you  use  those  certificates  for  one-way  TLS 
authentication  (network  to  user),  and  once  you  have  a 
nice,  safe,  encrypted  and  integrity-checked  channel, you 
can  use  EAP  inside  of  the  TLS  tunnel  for  any  other 
authentication, such  as  a  token  or  even  username/pass¬ 
word  pairs. TTLS  offers  strong  mutual  authentication 
without  having  to  distribute  and  manage  certificates  for 
all  your  users. The  problem  with  TTLS  is  that  it’s  just  a 
proposal  within  the  Internet  Engineering  Task  Force,  not 
certain  to  be  accepted,  and  support  for  it  is  only  avail¬ 
able  in  the  Funk  and  Meetinghouse  products. 

The  good  news  from  iLabs  is  that  we  didn’t  have  any 
problems  with  interoperability  in  any  of  these  cases. 

We  expected  that  the  choice  of  which  network  adapter 
we  used  in  our  wireless  devices  would  be  irrelevant,  and 
we  were  almost  right.  With  Win  2000, our  802. lx  suppli¬ 
cants  required  fairly  recent  versions  of  Network  Driver 
Interface  Specification  driver  upgrades  for  the  wireless 
cards  because  some  of  the  802.1 1  object  definitions  that 
802. lx  relies  on  were  not  added  to  the  Windows  Devel¬ 
oper  Kit  until  after  the  NDIS  Version  5.0  specification  was 
out  the  door.  Five  of  the  six  wireless  cards  we  tried  includ¬ 
ed  the  update. 

Authenticators 

“Authenticator”  is  a  big  word  for  what  is  essentially  a 
simple  function:  unpacking  EAP  from  802. lx  and  pack¬ 
ing  it  into  RADIUS  to  pass  to  the  authentication  server.  In 
that  sense,  we  expected  that  any  authenticator  that  sup¬ 
ported  802. lx  would  work  flawlessly  all  the  time.  But  we 
were  some  authenticators  actually  look  at  the  EAP  pack¬ 
ets  and  block  certain  kinds  of  authentication. 

When  selecting  an  authenticator  —  really,  when  select¬ 
ing  a  wireless  access  point  —  make  sure  it  supports  not 
only  802. lx  but  also  the  authentication  method  (MD5, 
TLS, TTLS,  etc.)  you  selected. 

We  also  brought  up  two  wired  authenticators  from  HP 
and  Cisco  in  the  form  of  off-theshelf  enterprise  switches 
that  support  802.  lx  as  a  feature. We  had  no  problems  with 
our  wired  802.  lx  switch  testing  and  used  some  of  the 
advanced  features  (such  as  virtual  LAN  switching  based 
on  user  identification)  to  see  the  range  and  power  of 
802. lx  beyond  simple  authentication. 

The  only  interoperability  issue  we  saw  for  wired  or 
wireless  authenticators  was  in  WEP  key  establishment. 
When  a  wireless  supplicant  authenticates  using  a  strong 
authentication  method  such  as  TLS  or  TTLS,  the  wireless 
access  point  is  able  to  create  a  unique  session  key  for 
use  with  WEP  with  that  client. This  dramatically  increas¬ 
es  the  total  security  of  WEP  and  makes  it  acceptable  as 
an  encryption  protocol  in  a  much  wider  range  of  net¬ 
work  environments.  However,  not  every  authentication 
method  supports  establishing  WEP  keys.  We  also  found 
some  inconsistencies  in  configurating  different  access 
point/network  adapter/supplicant  combinations  when  it 
came  to  WEP  and  WEP  key  establishment.  Keeping  the 
authenticator  and  supplicant  synchronized  is  very 
important  for  total  system  security. You  don't  want  to  just 
authenticate  and  then  not  bother  to  turn  on  WEP 

Authentication  servers 

We  tested  four  802.1x-compatib!e  RADIUS  servers  from 
Funk,  Microsoft,  HP  and  Interlink.  Additionally,  we  tested 

See  Wireless,  page  68 


Now  There  Are  More 

Reasons  Than  Ever 

To  Choose  Canobeam. 


VERSATILE  STANDARD 
25-156Mbps 


GIGABIT  ETHERNET 
1.25Gbps 


CANOBEAM  DT-30 


ECONOMICAL  QUALITY 
10-156Mbps 


Three  Canobeam  FSO  Product  Lines  Offer  Versatility, 
Affordability  And  Application  Specific  Requirements. 


Now  there  are  two  great  additions  to  Canon’s 
Canobeam  DT-50  fiberless  (FSO:  Free  Space  Optics) 
transceivers:  The  Gigabit  Ethernet  DT-55,  and 
Economical  DT-30.  All  Canobeams  set  up  in  minutes, 
require  no  FCC  licensing  or  channel  allocation,  and 
operate  interference-free,  insuring  reliable, 
confidential  transmission. 

The  DT-50  is  a  cost-effective  solution  that  features 
Canon’s  most  advanced  Auto-Tracking  System,  622 
Mbps  (ATM/OG12)  transmission  speed,  links  of  up 
to  2  kilometers,  and  FDDI  and  Fast  Ethernet  using 
interchangeable  cards. 


The  DT-55  includes  all  features  offered  in  the 
DT-50  but  with  even  faster  Gigabit  Ethernet 
connectivity  capabilties. 

The  DT-30  is  a  lower  cost  transceiver  for  applications 
with  shorter  link  distances  (up  to  500m),  where 
auto-tracking  is  not  required.  The  DT-30  supports 
data  rates  of  10  to  156  Mbps. 

The  full  line  of  Canobeams  lets  customers  select  the 
appropriate  system  for  their  application  and  budget, 
from  ILECs  and  CLECs  looking  to  bridge  the  last  mile, 
to  enterprise  customers  connecting  campus  LANs. 


For  more  info:  Call  1-800-321-4388 

(In  Canada:  905-795-2012) 
http://www.  canobeam.com 


KNOW  HOW 


Canon  is  a  registered  trademark  and  Canon  Know  How  is  a  trademark  of  Canon  Inc.  ©2002  Canon  USA,  Inc. 
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more  interesting 

than  you  think 


This  protocol  could  lead  to  less  expensive, 
faster  WAN  connections. 


■BY  JOEL  SNYDER,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


In  a  drafty  warehouse  south  of  the  San 
Francisco  Airport,  the  worlds  largest  Multi¬ 
protocol  Label  Switching  interoperability 
test  just  wrapped  up.  A  joint  project  of  the 
NetWorld+Interop’s  iLabs,the  MPLS  Forum 
and  the  University  of  New  Hampshire 
Interoperability  Lab,  the  testing  brought 
together  22  vendors  and  30  different 
MPLS  platforms. 

With  more  MPLS  vendors  in  one  room  then  ever  before, 
more  tests  at  the  bleeding  edge  of  MPLS  standardization 
and  the  most  sophisticated  test  plan  for  MPLS  interoper¬ 
ability  ever  written,  this  was  a  one-of-a-kind  event.  More 
than  $20  million  worth  of  hardware,  50  MPLS  engineers 
and  testing  speeds  up  to  10G  bit/sec. 

In  the  iLabs  area  at  NetWorld+Interop  2002  Las  Vegas 
this  week,  attendees  will  be  able  to  see  some  of  the 
results  of  this  testing,  focusing  on  enterprise-oriented 
edge  services,  such  as  Layer  3  VPNs  and  Resource 
Reservation  Protocol  (RSVP)  and  Label  Distribution 
Protocol  (LDP)  MPLS,  and  Layer  2  cross-connects. This 
may  sound  like  alphabet  soup,  but  these  acronyms  rep¬ 
resent  the  valueadded  services  such  as  private  network¬ 
ing,  resource  reservation  and  multinetwork  interconnect 
that  MPLS  service  providers  will  be  able  to  bring  to  cor¬ 
porations. 

That  said,  most  people  in  enterprise  IT  greet  news  of 
MPLS  testing  with  a  yawn.  But  really,  there  are  four  rea¬ 
sons  why  you  should  care. 

1.)  It’s  a  trend.  A  testing  commitment  of  this  magni¬ 
tude  on  the  vendors’  part  demonstrates  that  MPLS  is  not 
just  another  buzzword,  but  represents  a  technology  that 
carriers  are  buying  and  deploying  today.  As  service 
providers  start  to  push  MPLS  into  their  networks,  net¬ 
work  professionals  will  no  longer  have  to  build  large 
WAN  infrastructures. 

Connecting  up  to  the  MPLS  network  can  be  as  simple 

a'  another  Ethernet  drop. 

One  example  of  simpler  connections  for  enterprises  is 
spelled  out  in  an  Internet  Engineering  Task  Force  draft 
known  as  “Martini.’ Sixteen  of  the  vendors  in  the  iLabs 
test  supported  the  Martini  draft  for  Layer  2  cross-con¬ 


nect,  the  most  likely  candi¬ 
date  for  enterprise  Layer  2 
MPLS  connections.  Eighty- 
five  percent  of  these  prod¬ 
ucts  interoperated  with  every 
other  product  in  this  particu¬ 
lar  test. 

2. )  It’s  safe.  The  danger 
with  any  new  technology  is 
that  it  will  die  because  of 
lack  of  vendor  support.  More 
vendor  involvement  is  a 
good  thing,  but  more  interop¬ 
erable  products  from  these 
vendors  is  even  better.  The 
results  are  more  diverse  product  options,  better  prices 
and  more  differentiating  features  from  which  to  choose. 

The  iLabs  MPLS  testing,  in  its  seventh  iteration,  proves 
that  MPLS  is  stable.  New  vendors  come  to  learn  and  fig¬ 
ure  out  whether  they  know  what  they’re  doing.  Old  ven¬ 
dors  who  claim  to  be  market  leaders  show  up  to  main¬ 
tain  their  position  in  the  industry. 

Proven  interoperability  gives  carriers  the  confidence  to 
invest  in  MPLS.  As  more  and  more  carriers  build  out 
their  networks  with  MPLS  services,  enterprise  managers 
know  that  it’s  safe  to  bet  the  company  network  on  MPLS. 

3. )  It’s  good  testing.The  goal  of  the  iLabs  MPLS  test  is  to 
make  systems  work  better  together.  All  the  testing  is  multi¬ 
product  interoperability  But  pair-wise  testing  isn’t  enough. 
The  iLabs  team  built  a  huge  network  with  everyone's 
product  talking  to  everyone  else's  product. 

“We  expected  that  if  we  tried  to  have  all  these  vendors 
interoperate,  we  would  have  problems,"  said  Bill  Jensen, 
an  IT  professional  with  the  University  of  Wisconsin  in 
Madison  and  the  iLabs  MPLS  team  leader.“But  surpris¬ 
ingly,  all  the  vendors  managed  to  interoperate  with  at 
least  half  the  other  vendors  —  and  that  was  the  worst 


case.  No  one  had  any  blatant  inter¬ 
operability  silliness,”  he  said. 

“I  like  to  see  issues,  broken  things. 
And  I  like  to  see  them  resolved,” 
Jensen  said.’The  goal  is  not  to  post 
results;  our  goal  is  to  improve  the 
technology  the  standards,  the  state 
of  the  industry 

One  of  the  problems  Jensen  and 
his  team  found  was  differing  inter¬ 
pretations  of  the  value  of  an  option 
called  SENDER_TSPEC,  which  is 
used  to  specify  bandwidth  reserva¬ 
tion.  During  the  iLabs  testing,  ven¬ 
dors  pinpointed  the  issue  and 
solved  it  by  agreeing  on  how  to  specify  signaling  values 
so  they  could  interoperate.  Another  issue  rising  out  of 
this  exercise  was  the  use  of  Address  Messages  in  LDP 
and  the  role  of  those  messages  play  in  some  kinds  of 
MPLS  signaling.  Before  the  iLabs  testing,  all  vendors  had 
not  yet  identified  when  to  use  Address  Messages,  which 
identify  the  two  ends  of  an  MPLS  link.  But  because  of 
this  multivendor  test  bed,  the  participating  companies 
gained  a  better  understanding  how  and  when  to  use 
Address  Messages,  which  in  turn  increased  interoper¬ 
ability. 

In  another  connection  test,  some  vendors  used  inter¬ 
face  addresses  (the  address  of  the  actual  interface)  and 
some  used  loopback  addresses  (an  internal  address 
used  as  a  router  identification  in  routing  protocols). The 
testers  discovered  that  using  loopback  addresses  for 
router  Ids  is  a  powerful  way  to  improve  your  odds  of 
interoperability. 

Testing  at  the  iLabs  in  April  focused  on  both  resiliency 
of  the  network  and  handling  failure  cases.  Resiliency 
testing  looks  at  how  network  elements  recover  from 

See  MPLS,  page  68 


Hats  off  to  supporting  vendors 

In  general,  the  iLabs  program 
depends  on  vendors  stepping  up  to  the 
plate,  putting  their  products  on  the  line 
to  be  tested  in  a  public  venue.  But  the 
unsung  heroes  are  the  vendors  who 


offer  their  products  and  engineering 
expertise  to  provide  the  testing  infra¬ 
structure. 

Special  thanks  goes  to  Spirent 
Communications,  which  provided  more 
than  $1  million  of  network  testing  gear 
and  analysis  software;  Fluke  Networks, 


which  donated  its  network  connectivi¬ 
ty  analysis  tools  used  in  all  three  iLabs 
technology  areas;  and  American  Power 
Conversion,  which  basically  powered 
the  entire  demonstration  network. 

You  can  find  a  complete  list  of  sup¬ 
porting  vendors  at  www.interop.net. 


MPLS  testing  tally 

•  Testing  goal:  Test  interoperability  for 
Layer  2  cross-connect  and  Layer  3  VPN 
and  RSVP  services, 

•  Testing  engineers:  10 

•  Fact  found:  In  the  Layer  2  cross-con¬ 
nect  test,  85%  of  the  products  tested 
were  able  to  interoperate  with  the 
other  products  tested. 

•  Sport  most  resembling  technology: 
Cricket  —  a  lot  of  flinging  of  balls 
around,  and  no  one  really  understands 
the  rules. 


I  don’t  like  you, 

your  cubicle, 
your  mouse 
or  your  stupid 
screensaver. 


And  with  Altiris,  I  can  move  you  to  XP  or  2000  without  touching  any  of  if 


We  know  what  it’s  like  to  have  end  users.  That’s  why  we  created  the  most  advanced 
Client  Management  Suite  that  allows  you  to  migrate  your  enterprise  to  XP  or 


2000 — start  to  finish — without  leaving  your  desk.  It  even  makes  each  user’s  new  OS 
look  just  like  the  old  one,  with  preferences,  wallpaper  and  stupid  screensavers  intact. 
This  makes  for  a  seamless,  visit-less  migration  today,  and  total  lifecycle  management 
of  all  your  IT  resources  tomorrow.  Now  that’s  something  everyone  will  like. 


intuitive  >  manageability 


©  2002  Altiris.  All  rights  reserved.  All  other  products  mentioned  are  property  of  their  respective  owners. 


IP  storage  products  prove  they  can  talk 
to  each  other  and  to  Fibre  Channel  gear. 


mam  warn  M 

WimkMarmfm  M- 


Sraggn  BBS?  X-Z-A 

rMm 


HP  liPif 


on  iSCSI  SANs 


■BY  KENNETH 


PERCY,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 


in  what  was  a  coming-out  party  for  the  Internet  Small 
Computer  System  Interface  protocol,  these  debuting  products 
tested  by  the  iLabs  IP  storage  team  showed  a  high  level  of  inter¬ 
operability  and  a  surprising  level  of  functionality. 

The  charter  for  the  iLabs  event  had  three  planks: 

•  To  demonstrate  multivendor  interoperability  over  an  Ethernet  infrastructure. 

•  To  connect  remote  Fibre  Channel  storage-area  networks  (SAN)  via  iSCSI  links. 

•  To  demonstrate  how  iSCSI  can  be  used  over  an  IP  enterprise  backbone  or  WAN  for 
business  continuance  measures  such  as  remote  data  replication. 

Though  the  upshot  was  the  surprising  degree  to  which  vendors  were  able  to  accom¬ 
plish  these  goals,  the  themes  that  developed  were  perhaps  even  more  compelling. 


Fibre  Channel  meets  iSCSI 

The  most  notable  technical  innovation  on  the  floor  was  the  ability  of  iSCSI  gateways 
to  seamlessly  expose  iSCSI  and  Fibre  Channel  storage  network  elements  to  each  other. 
This  proves  that  iSCSI  can  be  deployed  not  only  as  an  end-to-end  storage  networking 
protocol,  but  it  also  can  provide  a  migration  path  for  existing  Fibre  Channel  gear. 

Two  prominent  iSCSI  flag  bearers,  Cisco  and  Nishan  Systems,  contributed  iSCSI  gate¬ 
ways.  The  Cisco  SN  5420  Storage  Router  has  two  fixed  dual-SC  interfaces,  one  desig¬ 
nated  for  Gigabit  Ethernet,  the  other  for  Fibre  Channel.  It  demonstrated  the  ability  to 
expose  iSCSI  initiators  with  Fibre  Channel  storage  arrays  and  “just  a  bunch  of  disks” 
across  an  IP  network. 

Like  the  SN  5420,  Nishan’s  IPS  3300  can  expose  Fibre  Channel  target  storage  devices 
to  servers  fitted  with  iSCSI  adapters.  What’s  different,  however,  is  that  Nishan  claims  full 
support  for  the  opposite  scenario  —  Fibre  Channel  host  servers  interoperating  with 
iSCSI-based  storage  arrays. 


Inside  iSCSI 

ISCSI  adapters  essentially  are  PCI-based  network  interface  cards  and  SCSI  controller 
hybrids.They  are  installed  into  Unix  or  Windows  NT/2000  servers  to  make  them  initia¬ 
tor  (vs.  target)  clients  on  an  iSCSI  network. 

Consensus  among  the  iLabs  engineers  was  that  the  bulk  of  the  iSCSI  issues  requir¬ 
ing  attention  stand  on  the  adapter  side  of  the  SANs  equation. The  encumbrances  of 
TCP/IP  offload,  lack  of  driver  standards  and  no  explicit  Microsoft  support  for  the  iSCSI 
protocol  have  been  negotiated  by  different  vendors  in  different  ways. 

Recent  criticism  of  iSCSI  adapters  focuses  on  their  TCP/IP  offloading  functions. 
iSCSI's  TCP-based  architecture  creates  a  huge  processing  overhead  on  the  host  sys¬ 
tems  CPU. To  address  this,  most  iSCSI  adapters  have  a  separate  TCP/IP  stack  in  the 
hardware  running  parallel  and  invisibly  to  the  stack  supporting  the  host  operating 
system.  Dual,  independent  TCP/IP  stacks  are  a  problematic  proposition  —  no  shared 
routing  or  Address  Resolution  Protocol  tables.no  load  balancing  or  failover,  and  lim¬ 
ited  visibility  of  the  iSCSI  adapter  from  the  operating  system  are  some  of  the  funda¬ 
mental  concerns. 

Alacritech  offered  a  unique  approach  to  this  problem.  Alacritech’s  1000x1  Server 
and  Storage  Accelerator  does  not  offer  full  TCP/IP  offload  from  the  host  operating  sys¬ 
tem.  Via  its  device  driver,  the  adapter  only  performs  data  movement,  while  control  and 
error  handling  remain  the  duties  of  the  host’s  native  IP  stack. 

While  all  the  other  iSCSI  adapters  in  the  iLabs  testing  appeared  as  SCSI  controllers 
to  their  Win  2000  host  servers,  Alacritech  s  technology  was  visible  only  as  a  NIC. This 
enabled  the  use  of  traditional  IP  connectivity  tools  such  as  ping  and  traceroute 
through  the  iSCSI  NIC. 

ISCSI  adapters  provided  by  Adaptec,  Alacritech,  Emulex,  Intel  and  QLogic  all  passed 
muster  at  the  prestage,  interoperating  easily  with  the  other  iSCSI  network  elements 
w  ithout  incident. They  came  preinstalled  on  off-the-shelf  Win  2000  servers,  and  al¬ 
though  some  required  more  work  than  others,  volunteers  said  the  adapters  were 
among  the  more  painless  network  elements  to  deploy. 

While  iSCSI  adapter  vendors  and  gateways  were  well  represented,  QLogic  was  the 
only  major  Fibre  Channel  switch  vendor  that  supported  the  event, sending  its  SAN- 
box  1  Fibre  Channel  switch.  IBM,  a  major  iSCSI  proponent,  provided  a  TotalStorage  IP 
3t  >;  tge  200i  as  an  iSCSI  target. Spectra  Logic  sent  an  iSCSI-based  Spectra  2000 Tape 
Xiuv.-ng  Fibre  Channel-based  targets,  only  Dot  Hill  Systems  was  present  with  a 
K1  RAID  array  to  go  with  an  Axis  Storage  Manager  server. 

’  :  •!  •'!  for  the  event  also  included  Lightpointe,  which  provided 

-  ”  ■<  u.mv.  iwis  for  a  wireless  Gigabit  Ethernet  link.  FalconStor  Software  pro- 

ultipiolocol  SAN  management  software  called  IPStor.  Finisar  came  with  a 
liety  of  t(  >t  gear, and  the  Layer  2/3  infrastructure  was  anchored  by  Cisco  and 


iSCSI  for  business  continuance? 

With  all  the  rhetoric  being  thrown  around  about  iSCSI  as  an  alternative  to  Fibre 
Channel, some  fundamental  differences  are  getting  lost.  ISCSI  has  a  home  in  an  opti¬ 
mal  business-continuance  model  only  where  it  coexists  with  Fibre  Channel  networks. 

“ISCSI  is  not  architected  for  replication  and  disaster  recovery  It’s  for  database  appli¬ 
cations,  e-mail  and  other  online,  transactional  processes,”  said  Mike  Frase,  technical 
support  engineer  for  Cisco  and  iLabs  Storage  Team  leader.“For  moving  huge  gobs  of 
data  quickly,  Fibre  Channel  over  an  IP  link  is  probably  the  way  to  go.” 

The  real  case  for  iSCSI,  Frase  said,  is  in  the  numbers.“Find  a  Fibre  Channel  network 
that  is  at  even  50%  of  capacity  ISCSI  allows  you  to  do  other  things  besides  storage  with 
your  infrastructure,  which  gives  better  ROI  on  your  infrastructure  dollar(he  said. 

Percy  is  a  technology  analyst  at  Miercom ,  an  independent  testing  lab  in  Princeton 
Junction ,  NJ.  He  can  be  reached  at  kpercy@mier.com. 


Storage  testing  tally 


Testing  goal:  To  demonstrate  multivendor  interoperability,  connect  remote  Fibre 
Channel  SANs  via  iSCSI  links  and  demonstrate  how  iSCSI  can  be  used  over  an  IP 
enterprise  backbone  or  WAN  for  business  continuance. 

Products  tested:  30  •  Fact  found:  iSCSI  equipment  can  front  end  more 
expensive  Fiber  Channel  SANs  gear  to  protect  your  investment. 

Sport  most  resembling  technology:  NASCAR,  in  which  the  gear  takes  in  the 

tired  SCSI  payload,  modifies  it  to  make  it  faster,  cleans  the  windshield  (header)  and 
sends  it  out  to  wirv 


Contact  us  for  your  free  copy  of 


“TRENDS  IN  LARGE  DATA  CENTERS 
CANDID  INTERVIEWS 
WITH  300  TOP  IT  EXECUTIVES.” 


onder  UNIX  makes  you  feel  boxed  in.  It  ties 
an  inflexible  system.  It  requires  you  to  pay  for 
experts.  It  makes  you  struggle  daily  with  a 
er  environment  that’s  more  complex  than  ever. 

Now  for  the  solution.  Microsoft  and  Unisys  have 
joined  together  to  offer  you  a  UNIX  alternative. 

By  teaming  the  Unisys  ES7000  server  with  the 
Microsoft®  Windows®  2000  Datacenter  operating  system, 
we  re  bringing  a  high  performance  server  solution  to  the 
enterprise  market.  A  solution  that  provides  the  flexibility 
and  agility  you  need  in  todays  web-driven  world. 
Without  sacrificing  any  of  the  reliability  and  scalability 
you  demand. 

So,  if  your  server  environment  has  closed  you  in, 
let  us  help  you  escape.  Microsoft  and  Unisys. Two  smart 
companies,  one  brilliant  solution. 

Learn  more  about  how  the  ES7000  and  Windows 
2000  Datacenter  can  simplify  your  server  environment. 


www.WeHaveTheWayOut.com 
info@WeHaveTheWayOut.com 
Toll-free:  800-548-3443 
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Wireless 

continued  from  page  62 

Secure  Computing’s  Premier  Access  serv¬ 
er,  which  isn’t  an  EAP  server  by  itself 
because  it  needs  to  piggyback  on  another 
product  such  as  those  Funk  or  interlink 
offers. 

We  found  that  RADIUS  servers  varied 


along  three  major  areas:  operating  system 
support,  EAP  authentication  method  sup¬ 
port  and  back-end  user  database  support. 
No  server  supported  every  possible  com¬ 
bination  out  of  the  box. 

At  the  i Labs,  we  had  some  high-pow¬ 
ered  on-site  support,  both  from  Funk  and 
from  HP  which  let  us  do  things  with  their 
servers  that  you  wouldn’t  do  just  from 


reading  the  manuals.  However,  we  were 
testing  every  possible  combination  of 
authentication  method,  which  means  we 
stressed  the  servers  more  than  a  normal 
deployment  would.  In  general,  an  enter¬ 
prise  wireless  network  would  have  one 
or  perhaps  two  EAP  authentication  meth¬ 
ods  they  would  want  to  use,  which  dra¬ 
matically  decreases  the  aggravation  in 


SERIAL 


C  WDM 


If  you  still  think  serial’s 
got  the  juice,  then  be 
prepared  to  suck  it  up. 
CWDM  is  inherently  scalable 
to  meet  growing  demands 
for  bandwidth.  Serial  is  not. 
Multiple  data  streams. 
Single  fiber.  That’s  CWDM. 
So  you  can  extend  the  life  of 
existing  LAN  equipment  and 
get  all  the  scalability  you 
need.  At  lower  costs.  CWDM 
transceivers  from  Blaze. 


‘Additional  straws  available  upon 
request,  www.blazenp.com 


designing  an  802. lx  deployment. 

When  picking  an  authentication  server, 
make  sure  to  check  with  the  vendor  for 
current  information. The  server  side  of 
the  equation  is  moving  faster  than  any 
other  part  of  802. lx. 

Wireless  security  testing  will  be  an 
ongoing  effort  for  the  iLabs  team  with  a 
second  round  slated  to  take  place  in 
August  during  the  hotstage  event  for 
Networld+lnterop  2002  Atlanta. 

Snyder  is  a  senior  partner  at  Opus  One,  in 
Tucson,  Ariz.  He  can  be  reached  at  joel.sny- 
der@opusl  com. 


MPLS 

continued  from  page  64 

problems.  Within  the  core  of  an  MPLS 
network,  provisions  in  the  protocols  let 
rerouting  occur  if  there  are  failures. This 
MPLS  testing  looked  at  how  well  prod¬ 
ucts  implemented  both  the  standard  pro¬ 
tocols  for  rerouting  and  a  new  proposed- 
standard  (usually  called  the  Atlas  draft, 
short  for  “MPLS  RSVP-TE  Interoperability 
for  Local  Protection/Fast  Reroute”)  for 
fast  rerouting  in  the  case  of  failures. 
Failure  testing  looked  at  how  well  errors 
propagated  so  that  end  systems  could 
make  intelligent  routing  decisions. 

As  a  simple  example,  one  test  verified 
that  if  a  piece  of  the  network  between 
two  MPLS  switches  goes  down,  the  end 
ports  that  the  network  supports  also  go 
down. That’s  important,  because  it  shows 
that  MPLS  networks  can  signal  network 
status  information  all  the  way  from  the 
core  to  the  edge. 

Of  course,  not  every  issue  identified 
was  resolved.  One  MPLS  signaling  ele¬ 
ment  called  Reservation  Style  can  be 
done  in  two  ways,  Shared  Explicit  or 
Fixed  Filter.  Both  are  legal  according  to 
the  standard.  But  the  iLabs  testing 
brought  out  different  behaviors 
between  these  two  implementations. 

4.)  It’s  cool.  Most  enterprise  networks 
aren’t  going  to  need  OC-192  links 
between  data  centers.  But  that  doesn’t 
mean  the  technology  shouldn’t  exist. 
Knowing  these  things  exist  offers  a 
comfortable  margin  of  error.  If  you  have 
a  100M  bit/sec  metropolitan  Fast 
Ethernet  connection  between  data  cen¬ 
ters,  knowing  that  carriers  could  offer 
you  something  100  times  faster  means 
that  you  won't  have  to  worry  about 
accommodating  future  growth. 

MPLS  at  OC-48  (2.5G  bit/sec)  and 
higher  speeds  also  dramatically  drops 
the  price  to  connect  to  the  network. 
Because  the  MPLS  connection  happens 
at  Layer  2,  much  of  the  expense  of  the 
connection  is  pushed  back  onto  the 
service  provider.  MPLS  might  make  it 
possible  to  put  in  faster  pipes  at  the 
same  price  —  and  that’s  indisputably 
cool. 

Snyder  is  a  senior  partner  at  Opus  One, 
in  Tucson,  Ariz.  He  can  be  reached  at  joel. 
snyder@opus  I .  com. 


First  we  directed  traffic... 
Now  we  police  it! 


Network  security  gets  graphic.  ArraySP  delivers  a  flight  deck  full  of 
controls  and  monitors  in  the  form  of  an  ultra-friendly  GUI.  So  say  good¬ 
bye  to  command  line  languages  and  hello  to  point-and<lick  policing. 
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Power  tools  for  the  Web 


Our  initial  product  line  delivers  highly 
integrated  platforms  for  optimizing  web 
traffic  performance.  Array  Networks  is 
now  pleased  to  introduce  the  simple 
solution  for  managing  user  access  with 
uncompromising  security:  The  Array  SP 
(Array  Security  Proxy).  The  Array  SP 
polices  your  web-based  network  from 
end-to-end.  This  plug-and-play  device  puts 
a  robust  stack  of  security  solutions 
between  your  users  and  the  enterprise's 
precious  network  resources.  Integration 
doesn't  require  the  complex  software 
installations  that  tend  to  devour  IT 


budgets  and  infinite  hours.  For  day-to-day 
control  and  monitoring,  you'll  find  the 
interface  remarkably  intuitive  and  simple. 

If  you  want  to  know  more  about  the  pain- 
free  way  to  protect  your  network, 
call  1  -866-MY-ARRAY,  visit 

www.arraynetworks.net/nw 


Product  specifications  are  subject  to  change  without  prior  notice. 


Tripwire  is  The  Data  Integrity  Assurance  Company 


Tripwire®  establishes  a  baseline  of  data  in  its  known 
good  state,  monitors  and  reports  any  changes  to 
that  baseline,  and  enables  rapid  discovery  and 
recovery  when  an  undesired  change  occurs. 

Foundation  for  Data  Security 

■  Ensure  the  integrity  of  your  data 

■  Instant  assessment  of  system  state,  reporting 
“integrity  drifts" 


Your  firewalls  and  intrusion  detection  tools  alone 
are  not  enough  to  keep  systems  trustworthy. 
Tripwire’s  data  integrity  assurance  products  are  the 
only  way  to  know  with  100%  confidence  that  your 
data  remains  uncompromised.  For  nearly  10  years 
Tripwire  has  been  helping  IT  professionals  know 
exactly  what’s  changed  on  their  systems,  and 
helping  them  to  recover  quickly. 


Maximize  System  Uptime 

■  Eliminate  risk  and  uncertainty 

■  Enable  quick  restoration  to  a  desired  state 

Increase  Control  and  Stability 

■  Ongoing  monitoring  and  reporting 

Lower  Costs 

■  Find  and  fix  problems  quickly  and  precisely  - 
no  more  guess  work 


For  a  FREE  30-day  fully-functional 

eval,  call  toll-free:  1.800.TRIPWIRE  (874.7947)  or 
visit  http://networld.tripwire.com  today! 
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Be  wary  of  looming  interoperability  issues. 


Using  SANs  for  business  continuity 


By  Betsy 
Yocom, 
Network 
World  Global 
Test  Alliance 


usiness  continuance  —  the  ability  to  get  your  network  up  and  running  after  a  disaster 
with  minimal  impact  on  business  —  has  emerged  as  the  leading  driver  behind  storage- 
area  network  and  network-attached  storage  adoption  in  the  post-Sept.  1 1  world. 

“People  now  realize  that  SANs  are  a  key  to  gaining  disaster  tolerance,” says  Ron  Totah, 
technical  marketing  manager  for  Brocade  Communications  Systems.  Until  Sept.  1 1,  net¬ 
work  managers  didn’t  envision  the  magnitude  of  the  catastrophe  that  many  businesses 
in  New  York  faced. Totah  says  managers  are  not  only  planning  to  duplicate  networks, 
but  also  are  tripling  them  in  case  the  original  resources  are  destroyed. 


Businesses  that  use  a  SAN  to  mirror  data  in  real  time  over  optical  con¬ 
nections  can  recover  much  faster  than  those  that  are  still  sending  reels  of 
data  and  performing  hourly  synchronization  processes.  SANs  that  support 
longer  distances  offer  an  advantage  by  letting  companies  store  data  far¬ 
ther  away  Brocade’s  SilkWorm  switch,  which  we  tested  (see  review,  page 
72)  now  supports  distances  up  to  74  miles. 

But  these  extended  storage  networks  will  need  to  encompass  a  range  of 
technologies  including  Fibre  Channel,  Internet  SCSI  (iSCSI)  and  10G  bit/sec 
Ethernet,  and  will  have  to  accommodate  SAN  and  NAS  technologies  in  tan¬ 
dem,  which  requires  much  more  interoperability  than  the  storage  industry 
now  allows. 

In  fact,  while  the  SAN  and  NAS  markets  have  been  targeted  for  significant 
growth  over  the  next  five  years,  our  research  shows  there  are  a  number  of 
technical,  interoperability  and  standards-based  stumbling  blocks  in  the 
way  of  widespread  adoption  of  these  storage  technologies. 

Fibre  Channel,  an  ANSI-based  standard  that  provides  a  high-speed,  short- 
distance  connection's  likely  to  stay  in  the  data  center,  according  to  Doug 
Ingraham, Ciscos  senior  manager  of  product  strategy  and  management. 

But  in  lower-end  server  environments  where  users  haven’t  embraced  Fibre 
Channel  mainly  because  of  the  price  tag,  iSCSI  will  have  its  biggest  audi¬ 
ence.  ISCSI,  a  standard  currently  being  finalized  by  the  IETF defines  how 
SCSI  commands  traditionally  used  for  local  data  communication  between  a 
host’s  CPU  and  attached  peripherals  are  sent  over  an  IP  connection. 

Dale  Lafferty,  vice  president  of  marketing  for  Inrange,  says  Fibre  Channel 
is  the  protocol  of  choice  in  storage  networks  because  it  has  a  proven  track 
record  in  terms  of  performance  and  reliability  Inrange’s  flagship  directory 
switch,  the  FC/9000,64-  and  256-port,  is  based  on  Fibre  Channel. 

Fibre  Channel’s  incumbency  —  there  were  263,441  Fibre  Channel  direc- 
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In  the  post-Sept.  11  world,  enterprise 
professionals  are  looking  to  storage- 
area  networks  as  a  means  of  maintain¬ 
ing  business  continuity  in  case  disaster 
strikes  their  companies. 
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Brocade  edges  out  McData  in  our  test  of 
director-class  SAN  switches. 
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tor-class  switch  ports  installed  worldwide  in  2001,  according  to  IDC  —  is 
indeed  an  advantage  in  the  market,  says  Marc  Staimer,  president  of  Dragon 
Slayer  Consulting.  Fibre  Channel  has  undergone  huge  amounts  of  interop¬ 
erability  testing  among  industry  groups  with  good  success  and  has  estab¬ 
lished  a  beachhead  in  corporations  because  of  its  low  latency  and  high¬ 
speed  performance.  But  it’s  still  expensive  compared  with  Ethernet  and 
requires  a  higher  level  of  technical  expertise  to  implement  and  manage, 
Staimer  says. 

ISCSI,  on  the  other  hand,  paves  the  way  for  managing  storage  networks 
over  long  distances,  linking  “islands”  of  SANs  into  an  integrated  entity  at  a 
lower  price.  But  the  struggle  to  gain  an  industry  standard  for  iSCSI  could 
prove  the  major  stumbling  block  to  its  adoption  in  the  short  term. The  IETF 
has  yet  to  ratify  the  draft  standard  for  iSCSI.  But  according  to  Cisco’s 
Ingraham,  major  points  in  the  draft  have  already  been  agreed  on,  and  ven¬ 
dors  currently  are  working  on  proving  interoperability  based  on  those 
points  (See  iLabs  iSCSI  testing,  page  66). 

On  the  issue  of  SANs  and  NAS  convergence,  Staimer  points  to  the  fact 
that  vendors  such  as  EMC,  IBM  and  NetApps  already  are  shipping  prod¬ 
ucts  that  can  operate  side  by  side.  Convergence  currently  has  two  faces. 
The  first  comprises  a  NAS  head  (or  purpose-built  server)  that  sits  on  a 
SAN  in  front  of  block  storage.This  server,  typically  a  Windows  NT/2000 
server  with  an  host-bus-adapter  fiber  network  interface  card,  provides  file- 
level  management  for  the  SAN’s  block-level  storage. The  second  face  is  a 
NAS  system  that  has  integral  SAN  connections,  eliminating  the  need  for 
the  extra  server  mentioned  previously. 

Staimer  notes  that  the  storage  characteristics  of  SAN  and  NAS  must  be 
addressed  in  terms  of  users’  applications.  Block  storage  is  used  when  fast 
performance  is  important,  while  NAS-based  file  storage  is  best  when  ease 
of  use  is  an  issue.  So  while  SANs,  which  support  block  storage,  and  NAS, 
which  supports  file  storage, are  very  different,  each  has  a  role  to  play  in 
storage  networks. 

2G  bit/sec  and  beyond 

In  terms  of  the  speed  necessary  to  support  growing  enterprise  storage 
needs,  our  sources  agreed  that  2G  bit/sec  Fibre  Channel  is  gaining  its  legs, 
beginning  with  its  debut  on  director-class  switches  (see  review,  page  72). 
Although  10G  Ethernet  will  play  a  role  in  the  future  of  storage  networks, 
that’s  not  likely  to  be  viable  before  2003. 

McData  CEO  and  Chairman  Jack  McDonnell  says  that  pushing  Ethernet  full 
10G  bit/sec  bandwidth  is  not  even  close  to  reality  because  IP  stacks  on  end 
devices  haven’t  even  been  upgraded  well  enough  to  handle  speeds  above 
1G  bit/sec.  McDonnell  predicts  that  we  will  see  experimental  versions  of  10G 
Ethernet  gear  within  the  year,  but  says  wider  deployment  is  two  years  or  more 
into  the  future. 

While  the  need  for  high  speeds  is  a  focus  for  larger  networks,  it  may  not 


be  critical  right  now  in  smaller  networks. 
According  to  Ingraham,  many  customers 
currently  are  using  lower-end  servers  for 
successful  iSCSI  connections  over  Fast 
Ethernet  links.  Servers  that  are  not  sup¬ 
porting  intensive  storage  access  have  no 
need  for  faster  speeds.  But  as  customers 
move  to  higher-performance  servers, such 
as  the  next-generation  InfiniBand-based 
servers  that  will  deliver  I/O  bus  through¬ 
put  speeds  over  2.5G  bit/sec,  the  need  for 
speed  really  matters. 

But  researching  and  developing  ASICs 


that  can  switch  traffic  at  2G  bit/sec 
speeds  is  “rocket  science,”  and  it's  costly, 
according  to  Brocade’s  Totah. The  chal¬ 
lenge  here  is  to  attain  a  very  high  line 
speed  without  introducing  latency  and 
offer  advanced  capabilities, such  as  trunk¬ 
ing  and  frame  management. 

Storage  always  has  been  expensive  rela¬ 
tive  to  Ethernet  technologies,  but  pricing 
of  Fibre  Channel-based  products  has  lev¬ 
eled  off  and  will  continue  to  decrease. 
According  to  Staimer.we  can  expect  an 
average  price  of  $750  per  2G  bit/sec  port 
on  edge  switches  by  year-end. This  is 
down  from  an  average  price  of  $1,500  per 
1G  bit/sec  ports  in  early  2001. 


Staimer  estimates  that  the  per-port 
prices  on  director-class  switches,  which 
we  define  as  those  supporting  64  ports 
and  higher,  will  be  around  $1,750  per 
port  by  the  end  of  2002. That’s  compared 
with  an  average  of  $3,100  per  port  on 
current  products.  Inrange’s  Lafferty  pro¬ 
jects  that  Fibre  Channel  pricing  will  con¬ 
tinue  to  decrease  at  the  rate  of  10%  per 
year  over  the  next  several  years  based 
on  more  widespread  adoption  of  the 
technology. 

Totah  notes  that  before  the  events  of 
Sept.  1 1 ,  customers  were  buying  a  lot  of 
stand-alone  storage  but  not  much  of  the 
connecting  technology  that  would  facili¬ 


tate  a  SAN  environment.  Since  then,  the 
trend  has  shifted  toward  buying  more 
SANs  and  a  little  less  storage  —  with  the 
goal  of  gaining  more  connectivity  to 
make  current  storage  more  cost-effective. 
But  Totah  noted,  too,  that  users  should 
realize  now  that  the  return  on  SAN  invest¬ 
ment  is  high.  If  disaster  strikes,  the  money 
you  laid  out  for  SAN  technology  will  be 
well  spent  if  that  gear  helps  you  get  your 
business  back  online  more  quickly. 

Yocom  is  senior  editor  at  Miercom,  an 
independent  testing  lab  in  Princeton 
Junction,  N.J.  She  can  be  reached  at 
byocom@mier.com. 
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In  the  category  of  Best  Director-Glass  SAN  Switch . . . 

Brocade's  switch  earns  bis  numbers 


By  Kenneth 
Percy, 
Network 
World 
Global  Test 
Alliance 


f  you  build  a  bigger  switch,  they  will  come. 

In  a  contest  between  two  of  only  three  shipping  high-port-density  director-class  storage-area  net¬ 
work  switches  today  our  Blue  Ribbon  Award  goes  to  Brocade  Communications  Systems’ 
SilkWorm  12000,  primarily  on  the  strength  of  its  showing  in  our  configuration  and  performance 
test  categories. 


McData’s  Intrepid  6000  Series  64-Port  Director  is  a  solid  product  with  some 
impressive  high  availability  and  management  tools.  Inrange’s  FC/9000  is  the 
third  director-class  switch,  but  the  company  declined  to  participate. 

Director  switches  are  high-port-count  (64  ports  and  higher),  high-avail¬ 
ability  SAN  switches  designed  with  one  principal  goal  —  to  minimize  hops 
in  a  SAN.  While  minimizing  hops  in  any  network  is  a  good  idea,  it  carries  a 
premium  in  storage  networks,  which  transport  delay-sensitive  disk  I/Os  that 
must  arrive  in  order. 

McData  fielded  the  original  director  switch  to  interconnect  IBM  S/390 
mainframes  with  target  storage  devices  over  Enterprise  Systems  Connection 
(ESCON)  networks.  When  Fibre  Channel  SANs  presented  opportunities  in 
the  Unix/LAN  world,  McData  ported  its  director  switch 
know-how  into  that  market. 

Brocade,  a  dominant  presence  in  the  Unix/LAN  SAN 
switch  world,  has  been  criticized  for  being  considerably 
late  to  market  with  its  director-class  SilkWorm  12000, 
which  we  tested  just  two  weeks  before  its  March  release 
date. 

Brocade  says  it  made  a  strategic  decision  to  wait  to  ship 
its  product  until  it  included  full  2G  bit/sec  throughput  sup¬ 
port.  We  verified  the  SilkWorm’s  2G  bit/sec  transport  level 
when  it  posted  an  impressive  full-duplex  maximum 
throughput  rate  of  almost  210M  byt e/sec. 

The  Brocade  product  was  also  a  winner  in  our  configu¬ 
ration  category  While  both  products  supported  ESCON 
over  Fibre  Channel,  Brocade  offered  legacy  support  for 
Arbitrated  Loop  devices  and  hardware  zoning.  With  128 
maximum  ports, SilkWorm  offered  the  ability  to  deploy 


two  discrete  64-port  director  switches  within  the  same  14-unit  chassis.  Both 
products  supported  redundant  CPUs,  but  only  Brocade  offered  redundant 
power  supplies  and  system  fans. 

However,  McData  had  two  important  redundancy  advantages. The  first  was  a 
hot-standby  backplane.The  second  was  the  fact  that  Intrepid’s  64  maximum 
ports  were  interspersed  throughout  16  chassis  slots,  while  the  same  number 
of  ports  fit  in  only  four  slots  on  SilkWorm.  Greater  per-module  port  density  is 
beneficial  from  a  real  estate  standpoint,  but  failure  of  a  single  module  on 
SilkWorm  will  ruin  your  day  faster  than  the  same  occurrence  on  Intrepid. 

Directors  as  performers 

We  tested  each  box  in  five  performance  areas. 

For  our  partial-mesh  throughput  testing,  we  used  Spirent 
Communications’  SmartBits  to  configure  32  initiator  ports  to 
send  the  largest  (2,148  bytes)  and  smallest  (64  bytes)  Fibre 
Channel  frames  in  separate  tests  to  32  target  ports  in  a  one- 
port-to-one-port  configuration  (see  How  we  did  it,www.nw 
fusion.com,  DocFinder:  9232). 

Brocade  performed  at  line  rate  (105.03M  and  77.27M 
byte/sec,  respectively)  with  large  and  small  frames  through 
one  director,  and  very  nearly  the  same  in  a  two-hop  environ¬ 
ment  (see  graphic, page  74).McData's  Intrepid  6000  per¬ 
formed  well  enough  with  large  frames,  but  was  clearly  less 
efficient  at  handling  smaller  frames,  delivering  37.72M  and 
34.99M  byte/sec  in  a  one-  and  two-hop  environment,  respec¬ 
tively  Wfiile  McData  engineers  noted  that  the  overwhelming 
majority  of  Fibre  Channel  frames  are  more  than  400  bytes, 
the  ability  to  process  large  and  small  frames  should  not  be 
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mutually  exclusive  propositions. 

With  our  high-stress,  full-mesh  through¬ 
put  test,  we  configured  each  of  64 
SmartBits  ports  to  send  large  frames  to, 
and  receive  from,  each  of  the  other  63 
ports.  Again,  SilkWorm  demonstrated 
impressive  efficiency  by  sustaining  an 
average  per-port  throughput  rate  of 
104.37M  byte/sec,  compared  with 
Intrepid’s  84.5 1M  byte/sec. 

We  also  tested  for  head-of-line  blocking, 
which  analyzes  a  switch’s  ability  to  sustain 
performance  despite  congestion  on  any 
one  port.  We  split  full  line-rate  traffic  from 
one  SmartBits  initiator  port  to  each  of  two 
ports  on  the  director  switches.  Half  of  the 
traffic,  or  approximately  50M  byte/sec,  tar¬ 
geted  one  port  (Fbrt  A),  and  the  rest  was 
bound  for  another  port  (Fbrt  B).With  a 
second  initiator  SmartBits  port,  we  sent 
100%  line  rate  to  Fbrt  A.The  idea  was  to 
observe  how  the  congestion  on  Fbrt  A 
affected  the  uncongested  Fbrt  B. 

All  traffic  bound  for  Port  B  on  the  Silk- 
Worm  12000  arrived  at  precisely  the 
offered  rate  with  no  appreciable  delay. 
SilkWorm’s  flow  control  logic  throttled 
the  link  offering  100M  byte/sec  down  to 
50M  byte/sec,  resulting  in  an  even  alloca¬ 
tion  of  bandwidth  across  the  three  data 
streams  with  no  impedance  on  the 
uncongested  port. 

Intrepid  handled  things  differently. The 
uncongested  port  on  Intrepid  realized 
only  20M  byte/sec  out  of  the  50M  byte/ 
sec  offered.  McData’s  device  gave  priority 
to  the  100M  byte/sec  source  port.To  make 
that  possible,  it  also  had  to  push  back  on 
the  other  source  port,  resulting  in  an  80- 
20-20M  byte/sec  bandwidth  distribution 
across  the  three  streams.This  result 
impeded  throughput  to  the  uncongested 
port  and  on  the  switch  overall. 

McData  explained  that  Intrepid  was 
engineered  to  give  priority  to  “hot” 
ports,  reasoning  that  without  a  de  facto 
Fibre  Channel  quality-of-service  stan¬ 
dard  in  place,  this  is  as  valid  a  method 
of  prioritizing  traffic  through  a  SAN 
switch  as  any.  Given  the  confines  of 


Fibre  Channel’s  “stop-or-go”  method  of 
flow  control,  this  argument  is  com¬ 
pelling  and  likely  to  play  well  in  the 
Fibre  Channel  community.  However,  we 
find  no  precedent  in  any  Layer  2 
switching  technology  for  taxing  uncon¬ 
gested  ports  to  benefit  congested  ones. 

With  the  15-to-l  throughput  test,  we 
sought  to  observe  how  each  device 
managed  an  extreme  case  of  many 
servers  requiring  access  to  the  same  tar¬ 
get  storage  port. The  results  show  that 
Intrepid  6000  distributed  its  bandwidth 
more  evenly  among  the  servers.  It  scored 
a  throughput  range  of  4.72M  to  9.85M 
byte/sec  across  all  15  servers,  while 
Brocade’s  distribution  range  was  broad¬ 
er,  at  3.72M  to  14.86M  byte/sec  across 
the  servers. 

But  bandwidth  distribution  testing 
across  interswitch  links  decidedly 
favored  SilkWorm. The  object  of  this  test 
was  to  see  how  the  switches  distributed 
three  ports  worth  of  traffic  through  only 
two  trunk  links. The  data  points  for 
Brocade  are  virtually  flat  (51.81M  to 
52.06M  byte/sec  range),  while  McData’s 
distribution  across  the  links  is  more  scat¬ 
tered,  ranging  from  27.24M  to  40.5M 
byte/sec. 

While  both  devices  were  strong  in 
terms  of  our  availability  testing,  the 
Intrepid  showing  was  a  little  better. 
McData’s  CPU  failed  over  in  500  msec, 
while  Brocade’s  CPU  took  a  full  18  sec¬ 
onds.  The  McData  product  also  offers  a 
nondisruptive  code  load  and  activation 
feature.  Using  this  feature,  we  upgraded 
the  firmware  on  an  active  switch  without 
interruption  of  service. 

McData’s  power  supplies  and  redundant 
crossbar  backplane  failover  worked  as 
advertised.  Brocade  demonstrated  its  N2 
power  supply  redundancy  without  a  hitch. 

In  our  reboot  test,  we  simply  cut  off  all 
power  to  the  devices  to  see  how  quickly 
the  devices  could  resume  normal  opera¬ 
tion.  Intrepid  resumed  service  in  1  minute, 
58  seconds;  while  Silkworm  was  back  on¬ 
line  in  2  minutes,  36  seconds. 

To  test  component  failure  resistance, 
we  pulled  active  modules  out  of  the 
switch  randomly.  With  only  one  port 


Net  Results 


SilkWorm  12000  (firmware  v4.0) 

Company:  Brocade  Communications  Systems,  www.brocade.com 
Price:  $2,344  to  $3,125  per  port;  includes  64  ports  with  GBICs, 
all  feature  licenses  and  management  applications.  Pros:  Stellar 
RATING  performance;  2G  bit/sec  transport.  Cons:  Logging  and  reporting 
adequate  at  best;  some  features  require  additional  licensing  fees. 


Intrepid  6000  Series  64-Port  Director  (firmware  vl.03) 

Company:  McData,  www.mcdata.com  Price:  $3,219  per  port; 
includes  64  ports  with  GBICs,  all  features  and  management 
RATING  applications.  Pros:  Effective,  SAN-wide  management  tool;  hot 
firmware  upgrade  capable.  Cons:  Inefficient  performance  with  small  frames; 
if,  ware  zoning  and  arbitrated  loop  devices  not  supported. 


module  and  one  CPU  module  left,  both 
devices  functioned  normally.  Re¬ 
dundant  interswitch  links  on  both 
devices  failed  over  seamlessly. 

Managing  the  director 

In  our  experience, SAN  switches  as  a 
species  have  supported  well-conceived 
management  interfaces  effectively  and  the 
two  director  switches  we  tested  were  no 
exception.  One  recurrent  complaint  about 
Fibre  Channel  SANs  is  the  required  parallel 
management  of  a  separate  network  that  is 
replete  with  foreign  terms  and  concepts. 

Both  products  addressed  our  manage¬ 
ment  and  administration  criteria  by  strad¬ 
dling  two  software  products  —  one  for 


program  and  relaunching  to  get  back  to 
the  main  interface.  Real-time  monitoring 
of  Intrepid  meant  drilling  down  with  EFC 
Manager.  It  offered  lots  of  real-time  coun¬ 
ters,  but  the  need  to  manually  refresh  the 
counters  was  annoying,  as  was  the  lack  of 
environmental  statistics. 

While  both  applications  supported  SNMP 
with  all  the  right  Management  Information 
Bases,  neither  supported  in-band  notifica¬ 
tion  of  any  kind,  requiring  an  IP  network 
for  all  visibility  into  the  SAN.  But  the  two 
packages  do  have  some  handy  notification 
mechanisms. SANavigator  has  a  software 
add-on  that  will  send  notifications  to  your 
PDA;  EFC  Manager’s  “call  home”  function 
will  send  text  messages  to  your  favorite 


Brocade  tops  SANs  throughout  tests 
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Brocade’s  SilkWorm  12000  director  switch  outpaced  McData’s  Intrepid 
6000  across  all  of  our  throughput  tests  for  both  large  frames  (2,148 
bytes)  and  small  frames  (64  bytes),  and  in  single-  and  double-hop 
SAN  environments. 
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high-level,  multidevice  management;  the 
other  for  local  drill-down  into  the  switches 
themselves. 

McData  led  with  SANavigator, Version 
2.7,  which  it  acquired  from  Western  Digital 
in  2001  to  compete  with  multivendor  SAN 
management  software  packages  such  as 
Veritas  Software’s  SANFbint  and  Tivoli’s 
Storage  Manager.  SANavigator  is  a  client/ 
server-based  package  that  features  a  slick, 
autodiscovered  topology  map  of  the  exist¬ 
ing  SAN,  complete  with  color-coded  traf¬ 
fic  pattern  and  alarm  animations.  Soft¬ 
ware  links  let  you  double-click  on  any 
icon  to  launch  a  Telnet  or  a  browser  ses¬ 
sion  with  the  device  it  represents. 

Double-clicking  on  the  Intrepid  icon 
launched  its  local,  browser-based  man¬ 
agement  tool  called  Enterprise  Fabric 
Connectivity  (EFC)  Manager  that  offers  a 
detailed  image  of  the  device.  While 
SANavigator  is  well-organized,  we  found  a 
dead  end  that  required  closing  out  the 


network  operations  center  over  a  modem 
connection.  Both  can  send  Simple  Mail 
Transfer  Protocol-based  notifications. 

Both  tools  had  audit  logs,  giving  IT  ad¬ 
ministrators  in  large  shops  the  knowledge 
of  who  performed  what  configuration 
changes,  when,  and  from  where.  SANavi¬ 
gator  also  included  a  hardware  log  that 
was  essentially  a  learned  inventory  of  the 
SAN’s  elements,  complete  with  vendor 
name  and  serial  number  of  the  device. 
SANavigator  included  several  useful 
canned  reports  that  can  be  generated  and 
viewed  via  browser  or  SQL  database 
client,  e-mailed  or  printed. 

For  proactive  troubleshooting,  EFC  Man¬ 
ager  users  can  perform  loop-back  tests  for 
card  modules  and  individual  Gigabit  inter¬ 
face  cards.  It  also  allowed  “beaconing,”  or 
the  ability  to  ping  the  LED  on  a  given  port 
for  physical  identification.  Also  laudable 
was  EFC  Manager’s  granular  permission 
levels,  which  let  large  shops  manage  levels 


What’s  the  score? 

SilkWorm 

12000 

Intrepid  6000  Series 
64-Port  Director 

Management/Administration  35% 

4 

5 

Performance  30% 

5 

3 

Availability  20% 

4 

4 

Configuration  15% 

5 

3 

TOTAL  SCORE 

4.45 

3.9 

Ir.i  .  idual  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given  each  category  in  determining  the  total  score.  ■  Scoring  Key:  5:  Exceptional  showing  in  this  category. 
Dcf  .  :  ihr  st.  otKrd  of  excellence)  4:  Very  good  showing.  Although  there  may  be  room  for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  showing  in  this  category.  Product 
as  nether  especially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked  some  features  or  lower  performance  than  other  products  or  than  expected.  1:  Consistently  subpar,  or  lacking  features  being 
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The  New  Enterprise-Class  IBM  (©server  xSeries'440. 


You  have  two  choices:  All  your  money  upfront  for  capacity  you  might  not  use.  Waste.  Or  own  the  new  x440 
that  lets  you  add  capacity  as  you  need  it.  Waste  Not.  Scale  from  a  4-way  today,  to  an  8-way  tomorrow,  to  a 
16-way  in  the  future.  And  utilize  some  of  the  most  advanced  sell-managing,  sell-healing  features  ever. 
Learn  more  at  ibm.com/eserver/x440.  To  talk  to  a  specialist,  or  locate  an  IBM  Business  Partner,  call 
800.426.7777.  (Mention  priority  code  102AX001.) 

The  IBM  x440  with  the  new  Intel  Xeon  Processor  MP.  Everything  else  comes  in  second. 


IBM.  the  e-business  logo,  Active  Memory,  eServer  and  xSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines  Corporation.  Intel,  the  Intel  Inside  logo,  and  Xeon  are  trademarks  or  registered  trademarks 
ot  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2002  IBM  Corp  All  rights  reserved. 


of  access  on  a  per-user  basis. 

Brocade’s  Fabric  Manager  provides  man¬ 
agement  access  to  multiple  switches  on 
multiple  switch  fabrics,  although  it  doesn’t 
offer  the  same  high-level  view  as  SANavi- 
gator.  Because  it  could  only  manage  Bro¬ 
cade  products,  it  offered  no  context  of  the 
surrounding  SAN  that  the  switches  were 
powering. 

One  effective  tool  in  the  suite  is  Per¬ 


formance  Monitor,  a  software  module  that 
features  chart-based,  real-time,  granular 
statistics  of  any  managed  switch. These 
charts  could  be  printed  for  reporting  pur¬ 
poses,  but  they  could  not  be  handled 
electronically  in  any  form.  It  offers  a  vari¬ 
ety  of  real-time,  per-port  counters.  Like 
EFC  Manager,  its  base  for  navigating  the 
program’s  screens  was  a  graphical  repre¬ 
sentation  of  the  device,  complete  with 
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LEDs  blinking  in  real  time. 

Easily  the  strongest  aspect  of  Brocade’s 
management  is  its  variety  of  powerful  in- 
band  and  out-of-band  notification  mecha¬ 
nisms.  Servers  outfitted  with  host  bus 
adapters,  or  Fibre  Channel  network  inter¬ 
face  cards,  could  enjoy  SNMPSyslog, Telnet 
or  HTTP-based  information  about  any 
switch  either  in-band  via  Fibre  Channel 
over  IP;  or  out-of-band  via  an  IP  network. 
What’s  more,  in  a  multiple-switch  SAN, 
Brocade  switches  can  funnel  messages 
back  through  the  Fibre  Channel  network 
into  one  switch 
defined  as  the 
“management 
gateway’ which 
will  forward  the 
information 
through  its  LAN 
connection. 

WebTools 
offers  adequate 
logging.The 
entries  ranged 
from  reasonably 
descriptive  to 
cryptic,  and  the 
Help  function 
was  not  helpful 
in  clarifying  these.  Outside  of  printing 
reports  from  Performance  Monitor,  report¬ 
ing  on  the  Brocade  management  tools  was 
anemic,  offering  a  few  marginally  useful 
reports.  Brocade  offers  an  assortment  of 
useful  diagnostic  commands  from  its  main 
command  line,  but  only  beaconing  was 
available  on  either  of  the  graphical  user 
interfaces  themselves. 

Although  the  outcome  of  these  tests 
indicates  some  clear  competitive  advan¬ 
tages  for  Brocade,  McData’s  Intrepid  6000 
very  likely  has  the  goods  to  retain  much  of 
its  entrenched  incumbency 

Percy  is  a  technology  analyst  at  Miercom, 
an  independent  testing  lab  located  in 
Princeton  Junction,  N.J.  He  can  be  reached 
at  kpercy@mier.com. 


More  online! 


•  Detailed  performance  test  plan. 

•  Vendors  tout  SAN  switch  features. 
•  On-line  performance  charts. 

DocFinder:  9231 


■  Miercom  is  a  member  of  the  Net¬ 
work  World  Global  Test  Alliance,  a  coopera¬ 
tive  of  the  premier  reviewers  in  the  net¬ 
work  industry,  each  bringing  to  bear  years 
of  practical  experience  on  every  review. 

For  more  Test  Alliance  information,  includ¬ 
ing  what  it  takes  to  become  a  member,  go 
to  ww.nwfusion.com/alliance. 

Other  members:  John  Bass,  Centennial 
Networking  Labs,  North  Carolina  State 
University.  Travis  Berkley,  University  of 
Kansas.  Bob  Currier,  Duke  University. 
Jeffrey  Fritz,  West  Virginia  University. 
James  Gaskin,  Gaskin  Computing  Services. 
Thomas  Henderson,  ExtremeLabs,  Inc. 
Miercom,  Inc.,  Network  Consultancy  and 
Product  Test  Center.  David  Newman, 
NetworkTest,  Inc.  Christine  Perey,  Perey 
Research  &  Consulting.  Barry  Nance, 
Independent  Consultant.  Thomas  Powell, 
PINT.  Joel  Snyder,  Opus  One. 
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ADTRAN 

NetVanta  20 00  Series 

(800)  9ADTRAN 
www.adtran.com 
Booth  #2027 

ADTRAN  offers  complete  VPN/Security 
solutions  in  the  NetVanta  2000  Series. 

These  products  serve  customers  of  all  sizes 
ranging  from  large  corporate  hosts  to  the 
mobile  workforce.  This  series  provides 
secure  VPN  tunneling,  protects  networks 
from  cyber  attacks  with  stateful  inspection 
firewalls,  and  secures  the  network  for 
mobile  users.  Check  out  what  is  new  at 
N+l  in  our  booth  #2027. 
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Executive  Software  International 

(800)  829-6468,  ext.  4200 

www.execsoft.com/nw4 

Booth  #6063-36  Microsoft  Partner 
Pavilion 

SYSTEM  PERFORMANCE  &  RELIABILITY 
Executive  Software  is  the  market  leader 
for  products  that  increase  performance, 
reliability  and  management  simply  and 
automatically  for  small,  medium  and 
enterprise-class  networks.  Makers  of 
DISKEEPER®  defragmenter  — 
UNDELETE®  instant  file  recovery  tool  — 
DISK  ALERT™  early  warning  for  disk 
problems  and  new  —  SITE  KEEPER™ 
central  site  manager. 


CYCIADES 

The  Leader  in  Linux  Connectivity 

Cyclades  Corporation 
(510)  770-9727 
www.cyclades.com 
Booth  #3426 

Cyclades  Corporation,  the  leader  in  Linux 
connectivity,  provides  networking  solutions 
using  Linux  and  Open  Source  technology. 
More  than  6,000  leading  companies  world¬ 
wide  use  Cyclades’  server-based  and 
stand-alone  products  to  manage  their 
server-networking  infrastructure.  Cyclades 
Corporation  is  headquartered  in  Fremont, 
California  and  has  offices  located  through¬ 
out  North  America,  Europe,  Asia,  Australia 
and  Latin  America. 
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intuitive  >  manageability 

Altiris  Inc. 

(801)  805-2400 
www.altiris.com 
Booth  #6234 

Altiris  offers  a  full  line  of  Web-enabled  solu¬ 
tions  that  empower  organizations  to  easily 
manage  desktops,  notebooks,  handhelds 
and  servers  throughout  the  IT  lifecycle. 
Altiris  provides  fully  integrated,  complete 
systems  management  solutions  including 
deployment  and  migration,  software  opera¬ 
tions  management,  inventory  and  asset 
management,  and  help  desk  management. 
Altiris’  core  technologies  greatly  reduce  the 
cost  and  complexity  of  owning  IT  resources. 
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CrossTec  Gorp. 

Net  Op  Remote  Control 

(800)  675-0729 

www.NetOpUSA.com 

Booth  #5375-36  Microsoft  Partner 
Pavilion 

Discover  the  software  tools  that  network 
administrators,  support  desks,  and  instruc¬ 
tors  are  calling  a  “must  have”  to  better 
manage  technology  and  support  their  users. 
NetOp  has  been  the  trusted  name  since 
1987  for  fast  and  secure,  cross  platform, 
remote  control  and  training  solutions. 

Let  NetOp  help  you  help  others. 
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Equinox 

(800)  275-3500,  ext.  247 
wvm.equinox.com 
Booth  #8679 

Equinox  develops  and  markets  high-perfor¬ 
mance,  reliable  and  cost-effective  serial 
connectivity  products.  The  SuperSerial 
product  line  provides  connectivity  solutions 
for  Retail/POS,  Access  Control,  Secure 
Console  Port  Access,  Process  Control, 
Industrial  Automation,  Dial  Access  and 
a  wide  variety  of  custom  applications. 


Net  to  Net  Technologies 

(877)  638-2638 

www.NetToNet.com 
Booth  #1159 

Net  to  Net  Technologies  will  be  featuring 
the  latest  in  DSL  technology  at  N+l  this 
year.  Stop  by  booth  #1159  to  see  what 
Ethernet  DSL  has  to  offer:  loop  bonding  and 
IP  Video  over  DSL.  Net  to  Net  will  feature 
new  products  including  Gigabit  Ethernet, 
MicroDSLAMs,  Loop  Bonding,  and  IGMP 
multicast  support.  Best  of  all...  no  ATM 
required! 


Radware 

Con  figware  Insite 

(201)  512-9771 

www.radware.com 
Booth  #2152 

Radware  is  dedicated  to  providing  Intelli¬ 
gent  Application  Switching,  guaranteeing 
the  best  operation  and  servicing  of  IP  appli¬ 
cations  and  enterprise  traffic  across  the 
Internet.  Radware  aligns  application  needs 
with  the  network  infrastructure  to  seam¬ 
lessly  allocate  resources,  optimize  applica¬ 
tion  operations  and  extend  security,  ensur¬ 
ing  the  integrity  of  the  critical  business 
processes.  Radware's  solutions  address 
the  needs  of  corporate  enterprises,  service 
providers  and  e-commerce  business 
through  one  or  more  of  our  award-winning 
products  including:  Web  Server  Director 
(WSD),  Cache  Server  Director  (CSD), 
FireProof,  LinkProof,  Peer  Director  and  the 
CertainT  100.  Radware’s  comprehensive 
suite  of  products  service  end-to-end 
application  operations  and  provide  robust 
and  scalable  network  traffic  assurance. 

Get  certain,  from  click  to  content,  across 
your  network  —  with  Radware. 


LearnKey 


LearnKey  Inc. 

(435)  674-9733 
www.learnkey.com 
Booth  #1634 

Training  solutions  that  meet  your  company's 
needs.  Whatever  the  learning  challenge  — 
systems  admin,  desktop  apps,  personal 
productivity,  development  tools,  manage¬ 
ment  topics,  IT  certifications,  salestraining 
and  more  —  LearnKey  courses  let  your 
people  build  skills  quickly.  Award  winning 
instruction  from  experts,  delivered  via 
the  Web,  on  portable  media  or  over  your 
network. 


Redline  Networks,  Inc. 

T/X  Web  I/O  Acceleration 

(408)  369-3800 

www.RedlineNetworks.com 
Booth  #5439 

Redline  Networks’  T  |  X  Web  I/O  Accelera¬ 
tion  appliances  cut  bandwidth  costs, 
accelerate  web  sites,  and  increase  the 
transaction  capacity  of  existing  Web 
infrastructure.  Our  appliances  offload 
I/O  responsibility  from  servers  and  caches 
and  optimize  content  in  real-time,  accelerat 
ing  download  times  and  providing  greatly 
improved  performance,  capacity  and 
cost  savings  in  the  data  center.  Redline 
Networks’  customers  typically  see  a  return 
on  investment  (ROD  of  less  than  three 
months. 
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Steven  Spielberg  established  the  Shoah 
Foundation  to  collect  and  to  preserve 
the  testimonies  of  eyewitnesses  to 
the  Holocaust.  It  videotapes  survivor  and 
witness  stories,  then  archives  and  provides 
worldwide  access  to  them.  With  an  archive  of 
more  than  50,000  interviews — 180  terabytes 
and  growing — the  foundation  needed  a  powerful 
technology  to  build  an  infrastructure  that  would 
allow  instant  access  and  ultimate  reliability. 

One  solution  met  all  the  Shoah  Foundation’s 
requirements — AIT. 


Provides  unsurpassed  data  storage  density  to 
minimize  space  requirements  and  operating 
costs. 

Delivers  data  at  a  fast  and  efficient  12MB 
throughput  rate. 

Uses  the  built-in  MIC  (Memory  In  Cassette)  to 
locate  files  quickly. 


AIT-3  is  scalable,  backward  compatible  with 
previous  generations,  and  continues  the  AIT 
tradition  of  doubling  capacity  and  performance 
with  each  generation.  AIT-3  capacity  is  100GB 
native  and  260GB  compressed.  With  a  full  line  of 
media,  drives,  autoloaders  and  libraries,  it's  no 
wonder  that  many  industry  leaders  choose  AIT 
for  their  long-term,  critical  data  storage  needs. 


about  how  Sony  helps  the  Shoah  Foundation 
remember-and  about  the  new  AIT-3- 
visit  www.sony.com/ait 
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©  2002  Sony  Electronics  Inc.  All  rights  reserved.  Reproduction  in  whole  or  in  part  without 
written  permission  is  prohibited.  Sony  and  the  AIT  logo  are  trademarks  of  Sony. 
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and  NetScreen-208 


Exclusive  look 
shows  perform¬ 
ance  improve¬ 
ment  but 
uncovers  a  few 
rough  edges. 


Nm  BY  JOEL  SNYDER,  NETWORK  WORLD  GLOBAL  TEST  ALLIANCE 

etScreen  Technologies  has  released  brand-new  hardware  products  and  soft¬ 
ware  upgrades.  Hardware  that  yields  throughput  over  the  gigabit  mark  for  fire¬ 
wall  and  VPN  performance,  coupled  with  a  revision  of  its  ScreenOS  security 
operating  system,  makes  NetScreen  ready  to  challenge  its  competition  for  enterprise 
business.  In  this  exclusive  review,  we  looked  at  two  hardware  platforms  —  the  eight-port 
Fast  Ethernet  NetScreen-208  and  a  beta  of  the  eight-port  Gigabit  Ethernet  NetScreen- 
5200  security  appliances  —  and  evaluated  them  when  loaded  with  ScreenOS  3. 1 . 


This  new  version  of  the  underlying  operating  system  lets  NetScreen  hardware  sup¬ 
port  a  larger  variety  of  firewall  and  VPN  configuration  options,  lifting  a  restriction 
inherent  in  all  previous  versions  of  NetScreen’s  products  and  in  most  other  appliance- 
style  firewall  products. 

While  NetScreen  has  come  a  long  way  with  new  hardware  and  software  in  terms  of 
speed  and  usability  it  still  has  quite  a  few  rough  edges  to  smooth  out  on  these  products. 

NetScreen-5200,  which  was  released  last  month,  is  an  expandable  chassis  with  two 
slots.  One  slot  is  reserved  for  the  management  card  and  central  processor.  Other  slots 
can  be  filled  with  eight-port  Gigabit  Ethernet  cards  available  now  or  24-port  Fast 
Ethernet/two-port  Gigabit  Ethernet  cards  to  ship  later  this  year. 

The  architecture  on  the  5000-series  chassis  is  radically  different  from  that  on  previ¬ 
ous  systems.  NetScreen’s  new  GigaScreen-li  ASICs  run  independently  of  the  main  CPU, 
checking  in  only  when  necessary  to  evaluate  firewall  and  VPN  rules.  Once  a  session  is 
set  up  and  approved  by  the  firewall  rules  on  the  main  CPU,  the  GigaScreen-II  ASIC 
takes  off  by  itself. The  eight-port  Gigabit  Ethernet  card  we  tested  had  two  GigaScreen- 
II  ASICs,  each  handling  four  of  the  Gigabit  Ethernet  ports. 

The  benefit  of  this  new  hardware  platform  is  performance.  NetScreen’s  internal 
benchmarks  show  the  5200  capable  of  4G  bit/sec  of  firewall  and  2G  bit/sec  of  VPN 
throughput.  Our  network  is  limited  to  pushing  firewall  and  VPN  performance  up  to 
1G  bit/sec  throughput,  which  in  our  experience  is  plenty  in  most  enterprise  net¬ 
works,  and  these  boxes  handled  that  load  easily  (see  How  we  did  it,www.nwfusion 
.com,  DocFinder:  9221) 


Net  Results 


NetScreen-5200  and  NetScreen-208 


M  ^  A  Company:  NetScreenTechnologies,  www.netscreen.com  Cost: 
fl,  |  Q  NetScreen-5200  starts  at  $99,000;  NetScreen-208  starts  at  $15,000. 
“  ■  iw  Pros:  Hardware  yields  significant  performance  improvement; 
RATING  new  0peratjng  system  expands  deployment  options.  Cons:  New 
hardware  and  software  configuration  open  to  bugs;  some  new  software  features 
not  fully  developed;  new  ScreenOS  not  available  on  all  platforms  yet. 


What’s  the  score? 


NetScreen-5200  and 
NetScreen-208 


Performance  30% 


Features  25% 

Management  25%  3.5 

Ease  of  use  10%  4 

Installation  10% 


TOTAL  SCORE  4.18 


Individual  category  scores  are  based  on  a  scale  of  1  to  5.  Percentages  are  the  weight  given 
each  category  in  determining  the  total  score.  ■  Scoring  Key:  5:  Exceptional  showing  in  this 
category.  Defines  the  standard  of  excellence.  4:  Very  good  showing.  Although  there  may  be  room 
for  improvement,  this  product  was  much  better  than  the  average.  3:  Average  showing  in  this 
category.  Product  was  neither  especially  good  nor  exceptionally  bad.  2:  Below  average.  Lacked 
some  features  or  lower  performance  than  other  products  or  than  expected.  1:  Consistently  subpar, 
or  lacking  features  being  reviewed. 


This  loosely  coupled  multiprocessor  architecture  is  complex  and  has  serious  bug 
potential,  as  we  found  out.  During  our  VPN  testing,  there  were  instances  when  the 
Secure  Fbrt  Module  CPU  got  out  of  sync  with  the  main  CPU.  NetScreen  says  it  fixed 
this  problem  before  the  ship  date.  However,  early  adopters  might  expect  to  see  some 
subtle  problems  related  to  synchronization. 

Although  the  5200  seems  positioned  to  replace  NetScreen- 1000,  at  a  similar  price 
with  better  performance,  there  is  a  major  difference  —  the  active-active  high  avail¬ 
ability  features  in  NetScreen-1000  and  NetScreen-500  are  not  in  the  5000  series  and 
won’t  be  until  ScreenOS  4.0  is  released  in  July 

Active-active  high  availability  can  give  higher  performance,  utilizing  all  systems 
rather  than  having  half  the  infrastructure  sit  idle, and  can  reduce  failover  time  and  vul¬ 
nerability  by  spreading  load  across  more  systems.  Also,  NetScreen’s  Global  Express 
management  software  does  not  yet  support  the  5000  series. 

While  the  5000-series  hardware  is  impressive,  end  users  not  interested  in  spending 
$100,000  on  this  high-end  firewall  will  be  much  more  interested  in  ScreenOS  3.1, sup¬ 
ported  on  the  NetScreen-200  and  500-series  systems.  ScreenOS  4.0  will  bring  Version 
3.1’s  new  features  to  all  of  the  NetScreen  product  line. 

Before  Version  3.1,  NetScreen’s  hardware  was  limited  to  three  firewall/VPN  interfaces, 
locking  firewall  rules  into  the  trusted,  untrusted  and  demilitarized  zone  (DMZ)  model. 

ScreenOS  3.1  introduces  the  concept  of  zones,  which  can  be  a  physical  interface  on 
the  network,  a  VPN  interface  or  a  virtual  LAN  (VLAN),  or  a  collection  of  all  these 
things.  Each  zone  consists  of  a  set  of  security  policies  for  all  other  zones,  defining  what 
is  permitted  and  what  is  blocked.  In  effect,  NetScreen  has  generalized  its  firewall  rules 
architecture  to  handle  as  many  interfaces, VLANs  and  VPNs  as  you  care  to  create. 

We  installed  the  NetScreen-208,  which  began  shipping  in  January  in  our  production 
network  to  test  the  new  operating  system  and  found  the  zones  simple  to  configure  and 
easy  to  map  to  our  security  policy  With  only  a  few  minutes  of  practice,  we  replaced  our 
old  three-interface  firewall  with  the  eight-interface  NetScreen-208  and  built  a  much 
more  secure  network.  We  took  several  interfaces  together,  called  them  the  DMZ  and 
prohibited  traffic  from  crossing  within  the  zone. That  cleaned  up  a  longtime  worry  that 
systems  in  our  DMZ  would  be  vulnerable  to  each  other  if  any  of  them  were  hacked. 

While  zones  are  a  welcome  enhancement  to  ScreenOS  3.1,  other  new  features  are 
not  as  polished.  Virtual  routers  and  VPN  interfaces  are  two  other  new  features,  and 
we’d  advise  you  to  stay  away  from  them.  For  now,  virtual  routers  are  used  to  maintain 
separate  routing  tables  within  a  single  system,  which  can  help  alleviate  IP  address 
problems.  VPN  interfaces  are  another  routing-friendly  feature  that  treat  VPN  tunnels  as 
interfaces  so  the  routing  fabric  of  your  network  can  dynamically  route  or  reroute  traf¬ 
fic  over  VPNs. 

While  both  features  look  promising,  we  feel  they  are  really  just  placeholders  for  full 
dynamic  routing  (Border  Gateway  Protocol  and  Open  Shortest  Path  First)  to  be 
included  in  ScreenOS  4.0.  Using  VPN  interfaces  instead  of  the  old-style  easier-to-under- 
stand  VPN  tunnels  means  visiting  four  different  parts  of  the  configuration  graphical 
user  interface  and  then  building  a  policy  a  process  that  is  anything  but  intuitive. 
Fortunately  you  don’t  have  to  use  these  pieces  —  the  old  routing  rules  and  VPN  poli¬ 
cies  will  still  work  just  fine  inversion  3.1. 

NetScreen’s  new  hardware  platforms  and  software  upgrade  are  critical  steps  for  the 
company  to  pursue  its  goal  of  playing  with  the  big  boys  of  the  VPN  and  firewall  busi¬ 
ness.  While  these  early  releases  still  have  some  bugs,  NetScreen  is  aggressively  filling 
out  its  product  line  in  exactly  the  right  way 

Snyder  is  a  senior  partner  at  Opus  One,  in  Tucson,  Ariz.  He  can  be  reached  at 
joel.snyder@opus  1 .  com. 
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Quarry  Technologies,  Inc. 

(781)  505-8300 

www.quarrytech.com 
Booth  #2417 

Quarry  Technologies  designs,  manufactures, 
and  sells  a  robust  security  solution  that 
enables  confidential  communications  over 
public  and  private  networks  with  complete 
protection,  tailored  service  quality,  detailed 
accounting  visibility,  and  ready  management 
control  —  all  via  the  highest-performing, 
most-manageable,  lowest-cost  security 
edge  system  in  the  industry. 


Network  Instruments 

Observer ® 

(800)  529-7919 

www.networkinstruments.com 
Booth  #1953 

Network  Instruments  is  an  industry  leader 
in  the  development  of  cost-effective  net¬ 
work  management  and  troubleshooting 
tools  like  Observer®.  We  created  the  first 
analyzation  tools  available  to  troubleshoot 
switched  environments,  and  provided  the 
first  software-only,  Windows-based  protocol 
analyzers.  Visit  us  at  N+l  to  see  what's  new 
with  the  Observer  product  line. 


SMARTS 

(877)  2-SMARTS 
www.smarts.com 
Booth  #1541 

SMARTS  powers  a  new  generation  of 
networked  business  with  the  industry's  only 
smart  service  assurance  software  for  man¬ 
aging  networks,  systems,  and  applications. 
The  SMARTS  InCharge  suite  takes  a  holis¬ 
tic  approach  to  infrastructure  management, 
leveraging  a  common  information  model 
across  IT  and  business  domains  as  well  as 
patented  Codebook  Correlation  Technology 
to  offer  unique  business  benefits.  These 
benefits  include  reduced  operational  costs, 
improved  quality  of  service,  faster  launch 
of  new  services,  and  the  ability  to  align 
IT  management  with  business  objectives. 


Raritan  Computer,  Inc. 

Paragon  &  Tele  Reach 

(800)  724-8090 
www.raritan.com 
Booth  #1755 

Raritan  is  the  premier  manufacturer  of 
KVM  switches  and  extension  products 
for  centralized,  out-of-band  access  to 
2  to  2,000+  servers.  Raritan's  award-winning 
Paragon  enables  access  to  thousands  of 
servers,  supporting  connections  up  to  1,000 
feet  away  with  a  single  Category  5  cable. 
Combined  withTeleReach,  our  multi-port 
product  for  remote  KVM  access  over  Web 
browser,  Raritan  provides  the  most  secure, 
powerful  solution  available  for  total  data 
center  management. 


Rose  Electronics 

UltraLink 

(800)  333-9343 
www.rose.com 
Booth  #1559 

SERVER  ACCESS  OVER  IP 
The  UltraLink  is  the  Rose  answer  to  Modem 
and  Ethernet  remote  access!  KVM  access 
over  IP  technology  allows  you  to  access, 
control  and  provide  computer  maintenance 
from  anywhere  in  the  world.  When  com¬ 
bined  with  Rose  KVM  switch  technology, 
server  management  administrators  can 
have  faster  access,  saving  time  and  money. 


All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 
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SilentRunner 

A  Raytheon  Company 

SilentRunner,  Inc. 

Network  Security  Analysis 

(703)  391-2913 
www.silentrunner.com 
Booth  #1655 

Is  your  increasingly  complex  network  deliv¬ 
ering  security,  performance  and  dependabil¬ 
ity?  If  not,  then  do  you  have  the  information 
needed  to  attain  these  demands?  Visit 
Booth  #1655,  enter  our  drawing  and  learn 
how  SilentRunner's  Network  Security 
Analysis  products  cost-effectively  trans¬ 
form  data  into  critical  decision-making 
information  and  knowledge. 


SPECTRUM  CONTROL  INC. 

A  Control  Products  and  Systems  Company 

Spectrum  Control,  Inc. 

AC  SMARTstart  Jr 

(814)  835-1650 

www.spectrumcontrol.com 
Booth  #8883 

At  Networld+lnterop  Spring  2002, 

Spectrum  Control  will  introduce  the 
new  AC  SMARTstart  Jr.  from  its  line  of 
SMARTstart  and  SHARPstart  power 
distribution  units.  This  new  unit  is  designed 
to  direct  and  manage  power  to  connected 
file  servers  and  networking  equipment. 

Units  feature  manual  and  remote  operation 
with  the  ability  to  power-on  or  power-off  any 
or  all  loads  in  any  sequence  over  a  range  of 
time  intervals. 
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WildPackets,  Inc. 

Ether  Peek  NX  &  AiroPeek  NX 

(925)  937-7900 
www.wildpackets.com 
Booth  #549 

WildPackets,  a  privately-held  corporation, 
was  founded  in  1990  with  a  mission  to  cre¬ 
ate  software-based  tools  to  simplify  the 
complex  tasks  associated  with  maintaining, 
troubleshooting,  and  optimizing  evolving 
computer  networks.  WildPackets  products, 
including  EtherPeek  NX  and  AiroPeek  NX, 
are  recognized  as  analysis  tools  of  choice 
for  small,  medium,  and  large  enterprises. 
See  the  AiroPeek  NX  Demo  at  Atheros 
Communications  Booth  #549. 


SMC 

Networks 

SMC  Networks 
(800)  SMC-4YOU 
www.smc.com 
Booth  #6459 

For  30  years,  SMC  has  provided  high-quality, 
standards-based  PC  connectivity  and 
Internet  access  solutions.  SMC  leverages 
global  manufacturing  resources  and  strate¬ 
gic  relationships  with  technology  innovators 
to  bring  to  market  a  full  range  of  leading- 
edge  products.  These  include  award-winning 
Gigabit  and  Fast  Ethernet  Switching, 
Broadband,  and  Wireless  connectivity 
solutions  for  small-to-medium  sized  enter¬ 
prises,  small  office/home  office  and 
networked  homes. 


Western  Telematic,  Inc. 

(800)  854-7226 

www.wti.com 
Booth  #6828 

Network  managers  around  the  world  use 
WTI's  NetReach™  products  to  support  and 
manage  their  network  equipment.  NetReach 
products  provide  secure,  dial-up  access  to 
remote  network  devices.  Even  when  your 
network  is  down,  NetReach  products  allow 
access  to  remote  sites  for  power/reboot 
control,  multi-port  switching,  alarm 
management  and  lOBaseT  patch  routing. 


TECHNOLOGIES 


Wouldn’t  it  be  sweet  if 
your  network-security 
solution  did  more? 

The  Quarry  Technologies  iQ  product 
family  provides  encrypted  Virtual 
Private  Networks,  stateful 
Firewalls,  and  application-level 
Quality  of  Service,  all  together 
at  up  to  Gigabit  speeds  per 
flow.  Best  of  all,  this  highly 
manageable,  carrier-class 
routing  system  is  light  on 
your  budget. 


Quarry  Technologies7 
solutions  deliver 


For  more  information, 
please  call  1.888.291.1200, 
or  visit  www.quarrytech.com. 

The  Quarry  Technologies  iQ-series  Service  Edge 
Switches  and  iQSMS™  Service  Management 
Suite  deliver  complete  security  and  tailored  service 

quality  with  uncompromising  performance. 
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Intelligence  for  the 
Service  Edge. 
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Strengthen  service-level  agreements 

Use  the  right  terms  in  your  SLA  to  make  sure  service  providers  deliver  what  you’re  paying  for. 


■  BY  SHALLY  BANSAL  STANLEY 

Buying  network  infrastructure  is  hard  enough,  but  making  sure 
your  service  provider  lives  up  to  its  commitments  is  an  ongoing 
challenge  that  takes  time  and  money 


diffeWe? 

Take  a  look  at  some  of  the  distinctions  between  a  carrier’s  standard 
service-level  agreement  and  one  that  better  protects  you. 

Standard  SLA; Effective  SLA: 


Getting  what  you  paid  for  goes  well 
beyond  simply  verifying  a  service 
providers  position  in  the  marketplace  and 
the  quality  of  its  equipment  and  services. 
It  requires  negotiating  prowess,  vigilant 
measuring  and  constant  enforcement. 
Everything  hinges  on  crafting  a  strong 
service-level  agreement  (SLA). 

The  first  step  begins  with  finding  out  what 
levels  of  service  your  organization  actually 
needs  to  do  its  business,  not  what  service 
providers  offer  in  their  standard  agree¬ 
ments.  Knowing  what  your  infrastructure 
has  to  be  able  to  support  will  (or  at  least 
should)  define  what  your  SLA  looks  like. 

If  a  guaranteed  level  of  service  is  impor¬ 
tant,  be  sure  that  the  service  you  buy  can 
reasonably  be  guaranteed.  Asking  a  service 
provider  to  artificially  guarantee  a  service 
that  it  cannot  support  doesn’t  benefit  you 
—  it  actually  costs  you  more  money 

A  typical  network  services  SLA  probably 
covers  metrics  such  as  availability,  latency 
and  throughput.  It  may  also  include  speci¬ 
fications  for  mean  time  to  respond,  mean 
time  to  repair  and  problem  notification/ 


escalation  guarantees. 

The  more  comprehensive  SLAs  include 
requirements  for  installation  lead  times 
that  range  anywhere  from  30  to  90  days 
based  on  geography;  service  changes  rang¬ 
ing  from  five  to  90  days  depending  on  type 
of  change;  billing  dispute-resolution  timing 
requirements;  and  account  management 
responsibilities  such  as  training,  documen¬ 
tation,  and  regular  technology  and  product 
briefings  over  the  life  of  the  contract. 

Still  other  SLAs  are  more  than  50  pages 
long  and  protect  everything  under  the  sun. 

So  why  not  invest  the  time  upfront  to 
negotiate  the  biggest,  baddest  SLA  on  the 
block?  Because  the  more  comprehensive 
the  SLA,  the  higher  the  cost  of  the  service. 
The  real  question  to  consider  is,  “Does  it 
really  make  the  service  better?” 

The  truth  is  that  SLAs  are  nothing  more 
than  insurance  policies.  Just  as  life  insur¬ 
ance  doesn’t  guarantee  life,  SLAs  don’t 
guarantee  levels  of  service.  They  provide 
you  with  compensation  in  case  something 
goes  wrong. 

Carriers  don’t  redesign  their  equipment 


Guarantee  a  certain  level  of  circuit 
performance  over  the  carrier's  core 
backbone  that  is  consistently 
exceeded  by  its  network  (including 
availability,  latency,  throughput). 

Compensation  for  prolonged 
circuit  outages  is  a  nominal  credit  — 
usually  5%  to  10%  of  the  cost  of 
the  service. 

The  protection  from  repeated  failures 
is  a  nominal  credit  capped  at  50%  of 
the  total  monthly  recurring  cost. 

The  options  for  getting  out  of  a 
contract  for  failure  over  a  prolonged 
period  of  time  are  nil. 


to  a  higher  standard  simply  because  a  cus¬ 
tomer  demands  that  it  perform  at  a  certain 
level,  nor  do  they  rearchitect  their  networks 
because  a  handful  of  customers  require  a 
99.999%  availability  guarantee.  Instead,  ven¬ 
dors  determine  the  cost  of  not  meeting  the 
SLA  and  factor  that  into  the  overall  price. 

The  purpose  of  an  SLA  is  to  protect  your 
company  against  the  worst  case.  Effective 
SLAs  do  more  than  get  a  nominal  credit 
back  —  usually  5%  to  10%  of  the  cost  of 


Guarantee  a  certain  level  of  end- 
to-end  service  performance  for 
applications. 

Remedy  for  prolonged  circuit 
outages  is  reimbursement  of  the 
cost  of  the  back-up  services  used. 

Protection  from  repeated  failures  is 
the  opportunity  to  augment/replace 
defective  services  with  more  reliable 
services  from  another  vendor  or  use 
a  different  technology  at  no  additional 
cost. 

Option  for  getting  out  of  a  contract 
for  failure  over  a  prolonged  period 
of  time  is  termination  of  the  agree¬ 
ment  without  penalty. 


the  service  —  in  the  event  your  infrastruc¬ 
ture  fails.  When  written  properly,  SLAs  give 
you  a  way  to  mitigate  the  effect  of  prob¬ 
lems  that  harm  your  network. 

Not  all  SLAs  are  created  equally  Make  sure 
yours  buys  what  you’re  already  paying  for. 

Stanley  is  director  of  Greenwich 
Technology  Partners  ’  Network  Economics 
practice.  She  can  be  reached  at  sstan 
ley@greenwichtech.  com. 


SLA  strategies 

The  benefits  of  an  effective  SLA  are  well  worth  the  time  and  effort  it  takes  to  develop  one.  Here  are  the  steps  to  take  to  achieve 
your  goals: 

remedies,  and  the  amount  of  time  the  service 
provider  has  to  correct  problems. 


1  ■  Identify  service  levels  that  your  infrastructure 
needs  so  the  SLA  is  comprehensive. 


2 .  Design  the  SLA  so  that  it  clearly  defines 
the  service  provider’s  responsibilities. 


3.  Negotiate  the  SLA  with  the 
service  provider,  paying  particular  attention  to  what 
services  are  being  guaranteed,  how  they  will  be 
measured,  the  process  for  realizing  agreed-upon 


4.  Implement  SLA  measurement  and  enforce 
ment  tools  and  processes  to  ensure  that  every  SLA  can 
be  measured  and  enforced  as  soon  as  the 
service  under  consideration  is  installed. 


5.  Enforce  SLA  compliance, and  identify  and  resolve 
problems  that  arise. 


You  asked  for  a  KVM  switch  that  could  do  more.  We  delivered. 

The  Avocent  DS  Series  combines  analog  and  KVM  over  IP™  connectivity  to  give  you 
access  to  your  servers  from  any  location  you  choose.  Our  DS  Series  gives  you  much 
more  than  just  control  of  your  servers.  Now  you  can  use  the  power  of  IP  to  control 
servers,  routers,  firewalls  and  power  devices  -  all  from  a  single  screen!  Plus,  CAT  5 
connections  simplify  installation,  and  our  IP  architecture  makes  adding  servers  as 
easy  as  point  and  click. 

To  learn  how  Avocent  can  deliver  for  you,  download  a  free  KVM  Tech 
Guide  today  at  www.kvmguide.com  and  see  how  much  more  Avocent's 
DS  Series  can  do. 

Avocent,  the  Avocent  logo,"The  Power  oi  Being  There",  "KVM  over  IP"  and  DSView  are  trademarks  of  Avocent  Corporation.  All  other  marks  are 
the  property  o!  then  respective  owners.  Copyright  C  2002  Avocent  Corporation. 


DSView  gives  you  "Click  and  Connect" 
access  and  control  of  all  the  KVM  and  serial 
devices  in  your  data  center. 


Avocent 

The  Power  of  Being  There  - 


NetworkWorld's 


The  Hub  of  the  Hetwork  Buy 


Marketplace 


2001 
KVM  Access 
over  IP 


1999  •  I  • 
KVM  Access 
over  Cat5 

||||t  |  . 


KVM  Access 
Over 

Web  Browser- 


If  having  remote  access  to 
your  servers  over  IP  means 
installing  proprietary  software 
or  PCI  cards,  that's  not 
convenient,  anywhere,  anytime 
access.  Introducing  the  new, 
multi-port  TeleReach®. 

TeleReach  is  the  easiest,  most 
secure  way  for  one  or  more 
users  to  remotely  access  and 
manage  multiple  servers 
through  a  KVM  switch,  from 
any  PC  running  the  Internet 
Explorer®  4.0  browser. 

To  see  and  feel  the  power  of 
remote  KVM  access  over  Web 
browser,  call  Raritan  Sales  at 
(800)  724-8090  to  sign  up 
for  a  live  demo  from  your 
own  desktop. 


1988  •  • 

KVM  Access 


The  Cydades-TS  Series  of  Console  Access  Servers  provides  the  highest  port  density 
and  security  at  a  very  competitive  price.  By  using  Linux  as  the  embedded  OS,  it 
offers  the  flexibility  required  to  manage  our  dynamic  environment. 

The  Cydades-TS  is  a  key  element  to  help  us  keep  our  servers  up  and  running." 

-  Pete  Kumler,  Manager  of  Site  Operations,  Yahoo!  Inc. 


fciaaes-is  series  Console  Access  Server 

1/4/8/16/32/48  RS-232  ports  on  1U  of  rack  space 
First  Linux-based  Terminal  Server  in  the  market 
IP  Filtering,  RADIUS,  and  Secure  Shell  (SSHv2) 

Linux,  FreeBSD,  Sun,  HP,  and  IBM  compatible 
No  unintentional  breaks  (Sun)  L,NU? 


II  E|i  CAS  booklet  at  www. 
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The  Leader  in 
LINUX 

Connectivity 


www.cyclades.com 

1-888-CYCLADES  1-888-292-5233 
510-770-9727 
sales@cyclades.com 
Fremont,  CA 


CYOKDES 
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You  Can 


Don't  spend  your  downtime  wondering  if  your  systems  are  down! 


The  Sensaphone  IMS-4000  Infrastructure  Monitoring  System 
watches  critical  environmental  and  network  elements  in  your 
infrastructure  and  warns  you  the  instant  trouble  is  detected — 
before  your  systems  go  down.  With  an  IMS-4000  standing  guard, 
you'll  always  be  the  first  to  know.  This  gives  you  the  critical  early 
warning  you  need  to  maintain  the  user  SLA  and  keep  your 
business  running  at  maximum  performance. 


Internal 

UPS 


Microphone 

for  Sound 
Monitoring 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
6t  Pager  Port 


8  RJ-45  Sensor  Inputs 

(Temperature,  Humidity, 
Water,  Motion,  Power, 
Smoke/Fire) 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


The  IMS-4000  is  the  latest  advance  in  Sensaphone  technology. 
Functioning  as  a  full  VRU,  the  IMS-4000  locates  you  and  gives 
you  important  information  about  your  infrastructure  in  real  voice. 
If  you're  not  reachable  by  phone,  the  IMS  can  page  you,  send 
you  an  e-mail,  SNMP  alarm,  or  even  a  fax  message.  You  can 
even  reboot  equipment  over  the  telephone  through  the  secured 
voice  interface.  And  the  IMS-4000  system  is  scalable — it  grows  as 
your  network  grows. 


Take  it  easy — let  the  Sensaphone  IMS-4000 
fulfill  all  your  monitoring  needs: 

^  Power  Outages 
^  Humidity  Trouble 
Water  Detection 
^  Physical  Intrusion 
4/  Fire/Smoke 
y'  Sound  Monitoring 
^  Server  Failure 
4^  Downed  Network  Lines 
^  Reboot  Hardware 
^  Scalable  coverage 


SENSAPHONE,  INC. 

901  Tryens  Road  •  Aston,  PA  19014 
(610)  558-2700  •  Fax:  (610)  558-0222 
www.sensaphone.com 


Server  Management 


See  us  at  Networld+lnterop, 
Las  Vegas,  Nevada, 


LOW  COST  SINGLE  USER 

Vista™ 

Low  cost  single-user  KVM  switch 
Supports  up  to  64  computers 


•  A'S. 
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COAX 

'ViewLirifr™  f  / 

Extends  KVMs  up  to  250  feet  away 
using  coax  cable 


«  KVM  RACK  DRAWER 

RackView™ 

Rack  mounted  1U  or  2U  KVM  drawer 
with  optional  KVM  switch 


PROFESSIONAL  SINGLE  USER 

UltraView  Pro™ 

Professional  single-user  KVM  switch 
Supports  up  to  256  computers 


TWISTED  PAIR 


mt 


ftiPlie 


Extends  your  KVM  station  up  to  1,000  feet  away 
from  your  computer  using  a  CAT-5  cable 


MULTI-USER  FIXED  CHASSIS 

UltraMatrix™  E-series 

Professional  multi-user  KVM  switch 


2  -  4  KVM  stations  to  1,000  computers 


YjWM 


W 


UltraLink™ 

KVM  digital  remote  access 
over  Ethernet  or  modem 

■  Connect  to  remote  computer  over  Ethernet  or  dial-up 

■  Local  KVM  port  to  access  computers  at  UltraLink 
unit 

■  Modem  port  with  dial-back  security 

■  Up  to  1280x1024  resolution,  supports  all  platforms 


KVM  SHARING 

Multistation  ™ 

Up  to  four  KVMs  to  one  computer 
Fully  automatic  KVM  sharing 


VIDEO  DISTRIBUTION 

VideoSplitter™ 

One  or  two  computers 
to  multiple  monitors 


xr-- '  v- 
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ROSE  ELECTRONICS  KVM  switches  allow  single 
or  multiple  workstations  to  have  local  or  remote 
access  to  multiple  computers  located  in  server 
rooms  or  on  the  desktop. 

ROSE  is  a  leading  KVM  switch  manufacturer  with 
the  most  complete  range  of  server  management 
products.  A  KVM  industry  pioneer,  Rose  is  known  for 
its  technically  superior  and  price  competitive 
products. 

From  simple  access  to  complex  configurations, 

Rose  provides  easy  server  management  solutions. 

Call  ROSE  today. 


CONTROL  IT 

SECURE  IT 

MANAGE  IT 

FROM  ANYWHERE 


MULTI-USER  EXPANDABLE  CHASSIS 

UltraMatrix™  X-series 

Enterprise  class  multi-user  KVM  switch 
4  -  250  KVM  stations  to  1 ,000  computers 


Easy  to  install,  give  it  an  IP  address  and  run  the 
remote  client,  no  licensing  required 

Scaling  of  computer  image  reduces  amount  of  data 
sent  and  permits  fast  screen  updates  over  slow  links 

Quad  screen  mode  allows  you  to  see  four  servers 
from  one  screen 


CONVERTER 

Translator™ 

Keyboard  mouse  converter  for  Sun, 

Apple,  DEC  Alpha,  or  SGI  Onyx  KVM  converters 


ROSE  ELECTRONICS 
10707  Stancliff  Rd. 

Houston,  Texas  77099 

USA  .  CANADA  .  ENGLAND  . 


SSL  security  and  passwords  prevents  unauthorized 
access 


.  333-9343  281-933-7673 

GERMANY  .  FRANCE  .  BENELUX  .  AUSTRALIA  .  SINGAPORE 


WWW.ROSE.CO 
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Security 

Technology  Associates,  Inc. 


.  o  zj,  '  '  '  •  *; 


System  Software 

Features  include: 

•  High  Performance 

•  Built-in  IPsec  VPN 

•  Stateful  Packet  Inspection 

•  Dynamic  &  Static  NAT 

•  PPP  and  PPPoE  Support 

•  DHCP  Services 

•  DNS  Server 

•  Mobile  VPN  Client  Support 

•  High  Availably  Option 

•  Content  Filtering 

•  Gigabit  Ethernet 

•  Secure  Remote  Management 

•  Email  Proxy 

•  Alarm  Notification 
•Time  Base  Access  Control 


Firewall  Appliances 


GB-1000  Firewall/VPN  Appliance 


High  performance, firewall  with 
unlimited  user  licenses,  transparent 
NAT,  stateful  packet  inspection,  built- 
in  IPSec  VPN, four  10/100  Ethernet 
interfaces,  DCHP  server,  DNS  server, 
secure  remote  management  and 
content  filtering  in  a  1 RU  case.  High 
Availability,  gigabyte  Ethernet  and 
additional  interfaces  are  optional. 


RoBoX  Firewall 

Remote/branch  office  firewall  for  up  to  25 
concurrent  outgoing  users.  Features  include 
transparent  NAT,  stateful  packet  inspection, 
built-in  IPSec  VPN,  content  filtering  and  three 
1 0/1 00  fully  configurable  Ethernet 
connections  packed  in  a  6" square  case. 

Big  security  for  small  offices! 


Firewall  Software  Systems 


GB-Flash 

All  the  power  of  the  ICSA  certified  GNAT  Box  system 
software  on  an  easy  to  install,  solid-state  flash 
memory  module  that  plugs  into  the  system 
motherboard.  Features  include  transparent  NAT, 
stateful  packet  inspection,  built-in  IPSec  VPN,  DCHP 
server,  DNS  server,  secure  remote 
management  and  content  filtering. 


.^es,  lnc 

/ 

Sales:  (800)  775-4GTA  j 

Tel:  (407)  380-0220  | 

Email:  info@gta.com  \ 

Web:  http://www.gta.com 
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GNAT  Box  Pro 

Simple,  powerful  ICSA  certified  firewall  solution.  It 
runs  and  boots  from  a  floppy,  requiring  only  a  486 
CPU  and  16MB  memory.  Features  include  built-in 
IPSec  VPN,  secure  remote  management  and  support 
for  hundreds  of  network  cards  including  gigabyte 
Ethernet. 


Global 
Technology 
Associates,  Inc. 


Net  to  Net  Technologies 
As  easy  as  g 


DSL  the  Easy  Way' 


Net  to  Net's  Ethernet-based  DSL  solutions  can  be  deployed  in  a  fraction  of  the  time — and  at  a  fraction  of  the 
cost — of  traditional  ATM-based  DSL  systems.  Our  AutolP”  technology  allows  our  DSLAMs  to  auto-configure 
every  line  out  of  the  box,  delivering  true  plug  'n'  play  operation  with  no  provisioning  headaches.  Net  to  Net 
has  a  DSL  solution  to  fit  every  deployment  scenario,  whether  it's  ADSL,  SHDSL,  VoDSL  or  T1,  from  the  Central 
Office  or  the  Remote  Terminal.  The  IP  services  your  customers  desire,  such  as  high-speed  Internet,  multicast 
video,  and  interactive  gaming  are  all  supported  over  an  end-to-end  IP  network.  That  means  your  network  just 
got  a  whole  lot  better,  and  your  life  just  got  a  whole  lot  easier. 


Nft  Net  to  Net 

TECHNOLOGIES 


www.NetToNet.com  contact@NetToNet.com 

Tel  603.427.0600;  877.638.2638  (toll  free)  Fax  603.422.0610 
112  Corporate  Dr.,  Pease  Inti.  Tradeport,  Portsmouth,  NH  03801 
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The  Hub  of  the  Hetwork  Buy 


They  gave  us  an  hour,  we  gave  them  3  seconds 


KEYNOTE  performance  chart 


Actual  client  data,  12:00  PM  January  11  - 12:00  PM  January  12,  2002 


Web  site  acceleration  deployed  in  under  an  hour. 


Faster  Performance 

T|X  optimizes  and  compresses  out¬ 
bound  data  in  real-time,  accelerating 
server  response  time  and  user 
downloads. 

Maximize  Server  Capacity 

T|X  eliminates  the  I/O  inefficiencies  of 
content  servers,  drastically  expanding 
their  load  carrying  capabilities. 

Reduce  Costs 

Besides  eliminating  servers,  rack  space, 
management  and  licensing  costs,  T|X’s 
real-time  compression  typically  cuts 
bandwidth  use  by  50%. 


Redline  Networks ’™ 


We  all  know  its  true  —  the  Internet  isn’t 
fast  enough  and  faster  downloads  are 
always  better.  Now,  sites  can  accelerate 
downloads  of  static  and  dynamic  content 
to  all  of  their  users  by  deploying  Redline 
Networks’  T|X  acceleration  appliance  in 
their  data  center.  It’s  that  easy.  It  takes  less 
than  an  hour,  it  makes  your  whole  site 
faster,  and  it  cuts  your  bandwidth  bill  too. 


Reduce  Bandwidth  Needs  by  50%  •  Deploy  in  About  an  Hour 


www.RedlineNetworks.com  For  more  information:  1.877.550.6420 


better  Performance  is  Better  Business. 


Terminal  S  erver  Evolution 


I  telnet  onella 

Trying  192.168.100.197... 

Connection  to  onella. 

Escape  character  is  ,A] 1 , 

PORT  AND  ACCESS  SETUP  MENU 

■  • 

How 

1)  Change  first  TCP/IP  port  [1024] 

2)  Change  first  TCP/IP  port  [1024] 

it 

3)  Change  first  TCP/IP  port  [1024] 

4)  Change  first  TCP/IP  port  [1024] 

was 

5)  Quit 

[  NOTE:  You  currently  have  unsaved  modifications  ] 

Enter  an  action  (1/2/3/4/5)  [5]:  | 

FNe  Maintenance  Reports  IHenAvaitability  Global  view  Help 

D  AM ;  CM  MONj  UM[  ky 


Traditional  Terminal  Server 


Enterprise-level  Redundancy, 
Availability,  Scalability  and 
Security  at  $100  per  Port 


Term  Master  software 


RTS  Console  Access  T< 


erminal 


888-423-6226  http://admc.com 


You  can  administer  and  access  any  number  of  consoles  from  a  single  interface. 

You  can  perform  remote  real-time  monitoring  and  delegated  administration  with 
the  SSL-protected  Java,mGUI. 

Test  Drive  an  RTS  online  at  http://admc.com/testdrive 

Term  Master  Copyright  2002  Axis  Data  Management  Corp  Java  and  all  Java-based  marks  are  trademarks  or  registered  trademarks  of  Sun  Microsystems,  Inc  in  the  U  S  and  other  countnes 


GET  A  ft  Subscription! 


Tin  leader  In  network  knowledge 
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Apply  on-line  today  at: 
www.nwwsubscribc.com/pb502 
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Get  A  FREE 
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Sto”,  still  a  tough  sell 


Subscription! 


\  $255. 
Value! 


00 


APPIYON-IINE  TODAY  AT: 

www.nwwsubscribe.com/pb502 


Spread  the 
Word  to  Your 
Colleagues! 

Tear  off  a  card  above  and 
pass  it  to  a  fellow  Network 
IT  Executive  who  might 
want  a  FREE  Network  World 
subscription! 


Cables 


APC  offers  a  comprehensive  line  of  cables  and  connectivity  solutions  to 
fulfill  the  connectivity  requirements  of  any  application  or  environment 


Configure  your  recks  with  APC.  Simply  visit  promo.afjc.com  today! 


ProtectNet® _ 

Data  line  surge  suppressors  for  comprehensive  network/PC  system  protection 

•  Protects  against  surges  and  electrostatic  discharge  traveling  through  data  lines 


LCD  Monitors 


High  quality  rack-mount  LCD  monitors  designed  to  maximize 
space  in  a  data  center  environment 

•  Provides  optimal  functionality  while  utilizing  only  1 U  (1 .75")  of  rack  space 

•  Includes  1 5"  LCD  monitor,  integrated  keyboard  and  integrated  pointing  device 


KVM  Switches 


Server  switches  designed  to  increase  system  availability  and  manageability 

•  4  and  8-port  models  available:  expandable  to  support  up  to  64  servers 

•  Models  available  that  support  Sun,  USB  and  PC  servers  simultaneously 

•  Built-in  scanning  feature  allows  you  to  automatically  monitor  your 
computers  without  intervention 

•  On  Screen  Display  (OSD)  functionality,  advanced  security  features 


NetShelter®  Open  Frame  Racks _ ^ 

Economical  open  frame  solutions  for  wiring  closets  and  data  center 
networking  applications 

•  Designed  to  accommodate  networking  devices  such  as  hubs,  routers  and  switches 

•  Industry  standard  7'-high  design  provides  45U  of  equipment  mounting  space 

•  Self-squaring  design  allows  one-person  assembly 

•  Made  of  high-strength  6061 -T6,  structural-grade  aluminum 


MasterSwitch™  Series 


Remote  power  distribution  for  network  administrators 

•  Users  can  configure  the  sequence  in  which  power  is 
provided  to  individual  receptacles  upon  start-up 

•  Built-in  Ethernet  interface  for  direct  connection  to  LAN 

•  Individually  control  8  on-board  power  outlets  for  shown  mounte(j  jnsjde  a 

complete  and  flexible  management  of  attached  equipment  NetShelter1'  VX 


APC,  the  name  you  trust  for  power  protection,  also 
offers  a  comprehensive  line  of  non-proprietary  racks, 
rack  accessories  and  management  tools  that  provide 
you  with  the  flexibility  to  implement  a  highly  available, 
multi-vendor  environment.  APC  allows  you  to  create 
a  rack  environment  with  the  level  of  availability  you 


Look  for  these  other  great 
rack  accessories  from  APC: 


Fixed  and  Sliding  Shelves 
Cable  Management  Shelves 
Fans 

Keyboards/Keyboard  Drawers 
Stabilization  Kits 
Power  Distribution  Units 


Visit  www.apc.com 
for  more  information! 


Visit  APp  at 
Booth#®659 


Rack  'Em  Up  with  APC 


require  and  provides  you  with  the  accessories  and 
management  tools  to  maintain  that  level  of  availability 
over  time.  Our  expert  Configure-to-Order  Team  can 
custom  tailor  a  complete  rack-mount  solution  to  suit 
your  specific  requirements.  Contact  APC  today  and 
protect  your  rack  application  with  Legendary  Reliability'". 


Air  Distribution  Unit 


A  unique  2U  rack-mounted  fan  tray  unit  that  connects  into  raised 
floors  and  pulls  conditioned  air  directly  into  the  enclosure 

•  Dual  fans  provide  increased  air  flow  needed  to  cool  densely  packed  equipment 

•  Improves  air  delivery  in  poor  static  pressure  areas 

•  Enhances  air  quality  to  rack  equipment  by  providing  30%  efficient  filtration 

•  Adjustable  depth  to  fit  most  leading  enclosures 


NetShelter®  VX  Enclosures 


Next  generation,  high-quality  enclosures 

•  Fully  ventilated  front  and  rear  doors  with  enhanced  ventilation  pattern  maximize  airflow 

•  Overhead,  base  and  side  cable  access  provide  easy,  integrated  cable  management 

•  Rear  Cabling  Channel  (42"-deep  versions  only)  allows  for  easy  installation, 
access  and  serviceability  of  both  data  cables  and  power  distribution 

•  Available  in  multiple  configurations:  35.5"-deep,  42"-deep,  beige  or  black 


Key  Code  f21 5y  •  Call  888-289-APCC  x641 0  •  Fax  401  -788-2797 


Legendary  Reliability' 


©2002  American  Power  Conversion  All  Trademarks  are  the  property  of  their  owners  APC4A1EF-USe  •Powerfax  (800)  347-FAXX  •  E-mail:  apcinfo@apcc  corn*  132  Fairgrounds  Road.  West  Kingston  Rl  02892  USA 


Information  Rules. 
Protect  Yours. 


If  you’re  responsible  for  safeguarding  your  organi¬ 
zation’s  intellectual  assets  and  enterprise  networks, 
SilentRunner  is  your  next  step  in  security  technology. 
Our  patented  Network  Security  Analysis  products 
provide  you  the  ability  to  cost-effectively  safeguard 
your  electronic  property  by  correlating  remote  and 
internal  communications  and  data  into  critical 
decision-making  information. 

SilentRunner’s  state-of-the-art  visualization  tech¬ 
nology  further  empowers  organizations  to  solve 
complex  problems  by  expediting  network  security  and 
network  management  decision-making  efforts. 

Information  Rules.  Protect  Yours. 

For  your  free  "Risk  Management  y‘ 

&  Security"  White  Paper,  visit  \  .  ' 

www.silentrunner.com,  or  call  \\ 
800-842-2366  ext.  2  today. 


SilentRunner 


849  Internationa!  Drive  •  Linthicum,  Md  21090  •  800-842-2.366 

www.silentrunner.com 
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•  Reboot  via  Built-in  modem,  LAN/WAN 
and  wireless  connections 

•  Lower  costs  through  reduced  network 
downtime  and  field  service  visits 

•  SMARTstart  and  SHARPstart  PDU’s 
offer  customization  and  are  upgradable 

•  Menu-driven  user  friendly  interface 
and  secure  password  protection 

•  Global  access  to  monitor,  program, 
reboot  and  sequence  outlets 


SPECTRUM  CONTROL  INC. 

Power  Technologies  Group 

www.specpower.com/remote22 


NetworkWorld's 


The  Hub  of  the  Network  Buy 


Marketplace 


GET  YOUR  DREAM 
ENCLOSURE  SOLUTION 
IN  AS  FEW  AS  5  DAYS 


Vented  top  panel 
incorporates  dual 
2.5"  x  6"  cable 
access  openings. 


Cable  management 
accessories  provide 
efficient,  organized 
connectivity 
solutions. 


I 

ill 

Fully-vented  doors 
are  available.  All 
door  styles  can  be 
readily  changed  to 
hinge  from  either 
the  left  or  right. 


Top  fan  panel 
boosts  air 
circulation  within 
the  cabinet.  A 
separate  cable 
access  panel 
keeps  wiring  in 
place. 


Innovative  bottom 
cable  entry  design 
provides  users  with 
flexibility  and 
unequaled  wire 
management 
access. 


Rugged  anti-tip 
plates  can  be 
mounted  on  the 
front  or  rear. 
Reversing  the  plate 
allows  for  easy 
stowing. 


Side  panels  lift  off 
for  fast  and  easy 
access,  and  are 
available  in  either 
solid  or  vented 
versions. 


Caster,  leveler 
mounting 
and  grounding 
capabilities  are 
integrated 
directly  into  the 
cabinet  structure. 


It's  a  reality  made  possible  by  Emcor's  new 
ISONet’“  enclosure  system.  These  new  and 
innovative  network  enclosures  come 
complete  with  all  the  versatile  features 
you  need  to  get  custom  performance 
and  standard-design  economy.  We  can 
provide  you  with  the  most  cost-effective, 
tightly  engineered  network  packaging 
solutions  in  the  industry. 

For  the  complete  story,  call  for  our  new 
brochure.  After  you've  looked  over  the 
long  list  of  available  options,  you'll  find  that  Emcor's 
lSONet™enclosures  have  all  the  important  performance 
features  you've  been  wishing  for. 

Instant  ISONet  “  units  ship  in  five  days  -  all  others  in  15. 


iso/fet" 

n  Imaainable  '  VftomEMCOR' 


Every  Option  Imaginable 


Call  507-287-3535  for  a  brochure  or  visit  our  website  at  www.emcorenclosures.com. 
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IPX 


CDP 
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CCNP™ 


CISSP 


CIW 


Security 


TM 


SANS  GSEC™  Checkpoint  CCSA  “ 
Cisco  MCNS™  Checkpoint  CCSE™ 
Cisco  CSPFA™  Checkpoint  CCAE™ 
Cisco  CSVPN™  Citrix  Security  &  1CA 
Cisco  IDSPM™ 

MS  Designing  Security » 


■ 
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All  Boson  Software.  Inc  study  guides.  practice  testa,  and;orma>enais  H>  ran  snomomd  tv/  endorsed  by  01  aftwaterf 
with  ISC2,  SANS  Cisco  Systems.  Inc..  ProSoft.  Inc .  Chech  Point  Inc..  CItri*  Inc.,  tAcioaoft  Inc..  o<  any  sthe <  company 
Boson,  Boson  Software  Boson  Training,  Router  University.  RouterU.  Router  Emulator,  RouterCML  Route.  Sim.  K rang, 
QuizWare.  Network  Emulator  Network  Simulator,  boson  com.  Boson  Router  Simutator,  and  Know  Simulator  am 
Trademarks  or  Registered  Trademarks  o f  Boson  Software.  Inc.  in  toe  United  Stales  and  certain  other  countnes 
■B  All  other  trademarks  are  trademarks  ot  their  respecdre  owners  Copyright  2002  Boson  Software,  Inc 


rketPlace 


The  Hub  of  the  Network  Buy 


STREAM  AND 
TRANSFER 


RECORD  AND 
STORE 


PLAYBACK 


Anywhere ,f  Anytime,  Any  Network! 


VBrick 

systems,  ine. 

1  -(866)  VBRICK- 1  (866-827-4251) 


VBSTAR  is  a  revolutionary  new  video  product  from  VBrick 
Systems!  It  streams  live  MPEG-2  video  over  IP,  records  it  to  an 
internal  hard  drive,  sends  it  over  the  Internet,  and  plays  it  back 
anywhere,  anytime. 

www.vbrick.com/vbstar.asp 


onnectivity  Solutions 


-based  Connectivity 


Dial  Access  at  its  best! 


MuitiporuSerial  Adapters 

±t.- *  -  f'  rz  z 


ESP  Family  of  10/100 
Serial  Hubs 


Multi-modem  Adapters" 


fouiNoy 


Serial  ports  over  IP 


*  Dial  access  at  its  best! 


Place  8  or  16  serial  ports 


Adapters  available  in 


at  the  point  of  need 


4  and  8  port  models 


4-128  ports  per  server  slot 


These  NEW  Universal  Multiport  Serial  Adapters 


support  a  5V  or  a  3.3V  PCI  bus  slot 


ioiiable-andiCost-effecfiveiSerialTConnectivityiSolufions 

**f±^M-±**—*»——**~Z. - - - - “ - — - - - —  —  -  -  -  -  -  — -  -  -  -  -  —  —  ~  -  -  -  -  - 


Call  today  for  a  FREE  30-day  evaluation  of  any  Equinox  product, 
1-  800-275-3500  ext:  615  or  email:  sales@equinox.com 
For  more  information  visit  www.equinox.com 


TWORLD  INTEROP 
PECIEVE  A  FREE  GIFT* 


an  Avocent  Company 


'ay,  Sunrise  FL  33351  In  the  US  call:  800-275-3500  or  email:  sales@equinox.com,  for  international  sales  call:  +1  -954-746-9000  or  email:  intlsales@equinox.com 

April  2002  EqjAnox  Systems  an  Avocent  Company  An  rights  reserved  All  brand  names  and  product  names  are  trademarks  or  registered  trademarks  ot  their  respective  holders 
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Telnet  and  Dial-Up  Console/AUX  Port  Switch 


Telnet  and  Dial-Up  Network  Power  Switch 


Cost  Effective  Terminal  Server  Alternative 


Reboot  Locked-up  Equipment 


AC  or  -48V  DC  Power 


lOBase-T  Ethernet  Interface 


19”  Rack  Mounted 


RS232  Ports 


(  Console  Management  Switch  (CMS) ) 

8, 16  or  32  RS232  DB-9  Serial  Ports 
Simultaneous  Telnet  Sessions 
Non-Connect  Port  Buffering  -  32K 
IP  Security  Features 

Modem  Auto-Setup  Command 
Strings  (User  Definable) 

NEBS  3  Approved  DEMOTE  ADMINISTWCR 


CMS- 16 


lOJ — 

-.-rf,  7  MODEM 

-□ 

LOCAL  TERMINAL 


Local  RS232  Console  Port 


Dual  15  Amp 
Power  Circuits 


Modem  Port  for 


Individually  Controlled  Outlet  Plugs  (8) 


lOBase-T  Ethernet 
Interface 


19”  Rack  Brackets 
Allow  Front,  Back, 
or  Center  Mounting 


Out-of-Band  Management 


(  Network  Power  Switch  (NPSp 

•  8  Individual  Outlets  •  Outlet-Specific  Password  Security 

•  On/Off/Reboot  Switching  •  Network  Security  Features 

•  Integral  lOBase-T  Interface  •  11 5-VAC  (230-VAC  available) 

•  Co-Location  Features  •  Power-Up  Sequencing 


□ 

□ 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517 


vmw.wti.com 


See  us  at  Networld+lnterop,  Booth  #6828 


(800)  854-7226 

Keeping  the  Net. .Working! 


Your  network  costs  a  fortune.. • 


NEW 

LOWER 

PRICES! 


protecting  it  doesn't  have  to 

Global  LAN  Furniture 
protects  your  equipment 
for  a  lot  less  money. 


72"  Workstation 

s799 

=S*  '  Stk.  #  C95033 


Our  heavy-duty  LAN  Furniture  is  built  to 
last  with  steel-reinforced,  triple-leg  support 
and  lateral  braces.  Built-in  cable  management 
system  hides  unsightly  wires  and  organizes 
and  separates  cables.  Deep  30"  work  sur¬ 
face,  adjustable  shelves  and  sturdy  server  shelf 
allow  for  easy  integration  of  all  your  network 
equipment,  providing  a  complete  storage  solu¬ 
tion.  Our  96",  72",  48"  and  24"  wide  units 
combine  with  additional  shelves,  keyboard 
drawers  and  casters  for  unmatched  flexibility 
to  meet  your  changing  needs. 


SAVE  A  TON  OF  MONEY 
ON  YOUR  NEXT 
MEDIA  PURCHASE! 
Check  out  our  prices  today! 


24"  Workstation 

$299 

Stk.  #  C20803 


A. 


Keyboard  drawers 
and  casters  sold 
separately. 


GLOBAL 


COMPUTER  a  Systemax 


company 


CALL  1 -8OO-8-GLOBAL 

or  visit  us  online  for  the  LAN  solution  that  is  right  for  you. 

www.globalcomputer.com/go/mag/lan  pe(  #nw5/02 


To 


using  Zero  U 

of  rack  space? 


SI  Sentry  power  tower 


Your  Zero  U  Reboot  Solution 


16  remotely  addressable  power  outlets  — 
The  highest  density  available  of  any 
Remote  Power  Management  vertical  strip. 

30-amp  power  input  feed  distributed 
across  16  outlets. 

Mounts  vertically  in  your  equipment  rack  or 
cabinet  and  requires  Zero  U  of  rack  space. 

Load  Sense  provides  real-time  current 
monitoring  in  the  remote  screen  interface 
and  through  a  built-in  LED  display  for  on¬ 
site  measurement. 

Power-up  sequencing  of  all  16  outlets 
prevents  an  in-rush  current  overload. 

Telnet,  SNMP,  Modem  or  RS-232  interfaces  for  easy, 
practical  and  secure  power  management  of  remote 
internetworking  equipment. 

;y  ■ 

r  Install  the  new  Sentry  Power  Tower  in 
:  your  data  center,  NOC  or  co-lo  facility 
;  and  gain  the  advantage  of  remotely 
:  rebooting  up  to  16  of  your  equipment 
:  units  -  without  occupying  any  space  in 
!  your  rack  or  enclosed  cabinet. 

■  1 

'  Try  the  New  Sentry  Power  Tower  in  your 
rack  or  cabinet  and  realize  the  benefits 
of  Intelligent  Power  Distribution  and 
Remote  Power  Management. 

1 1  omplete  product  line  at  www.servertech.com 

*3^15*5  or  775.284.2000 

Another  great  product  from 

i  Server  Technology,  Inc. 


Custom  Storage 
Solutions 

to  meet  YOUR  needs! 

With  10  years  of  experience  as  custom  designed  provider  of 
Network  Attached  Storage  Servers,  RAID  Systems 
CD/DVD  Servers  and  Enterprise  Servers 
Excel  Meridian  Data,  Inc.  can  provide  a  reliable, 
scalable  and  powerful  storage  solution  that  can  easily 
attach,  manage  and  share  files  across  the  network  at 
an  affordable  price. 


WHAT  DO... 


^  Princeton  University _ 

^  The  US  Treasury  Department 

The  Democratic  National  Committee 

q  Blue  Cross  Blue  Shield _ 


have  in  common? 


They  all  chose  FAST  LINKS  to  handle 
their  needs  for  wireless  WAN  connectivity. 


Call  FASTLINKS  today 
and  see  what  sets  them  apart 
from  others  in  the  field  of 
wireless  integration. 

FA5TLINKS 
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www.wirelesswans.com 
(877)  877-0176  toll  free 
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Marketplace 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


OBSERVER’ 


OBSERVER 

SUITE 


Visit  us 

..theNV^s"?" 
in  Las  veg^ 


Observer 
* 995 


Expert 
Observer 
* 2895 


Observer 
Suite 
* 3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 


NETWORK 

INSTRUMENTS 


©2002  Network  Instruments,  LLC.  Observer,  “Network  Instruments"  and  the  “N  with  a  dot”  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 


Voice  Quality  Assessment 


Providing  clear,  uninterrupted  voice  is  critical,  irrespective  of  what  type  of 
network  is  carrying  the  voice.  GL's  Voice  Quality  Testing  (VQT)  Software, 
accessed  through  an  easy  to  use  GUI  interface,  provides  the  voice  quality 
measurement  and  analysis  tools  necessary  for  today’s  voice  networks. 
Typical  network  applications  include  VoIP,  PSTN,  ATM.  Frame  Relay, 
and  Wireless  Networks. 

•  Use  the  Most  Widely  Accepted  Algorithms  for  Voice  Quality 
Testing  -  PAMS  (P.800).  PSQM  (P.861).  &  PESQ  (P.862) 

•  Manual  or  Automatic  GUI  Operation 

•  Assess  the  Effects  of  Noise.  Delay,  and  Echo  in  Networks 

•  Measure  the  Effects  of  Packet  Jitter  in  VoIP  Networks 

•  Analyze  the  Effects  of  Codec  Compression  in  Wireless  Networks 

Visit  our  website  to  learn  more  about  GL's  T1/E1  T3  Analysis.  Digital  CO 
Simulation,  and  Analog  &  Wireless  Voice  Quality  Testing  Solutions. 

(1>  rTL  Conummicalirms  Trie. 

Phone:  301-670-4784  •  Fax:  301-670-9187 
E-Mail:  mfo@gi.com  •  Web:  www.gl.com  vqt 


Quick  Turn  Around 


Patch  Cord  Cables 

CAT  5  and  CAt  5E 

RJ45  one)  I  TO  Pnlch  cobtey  y 
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( fflCableM \ 

www.gocables.com 


R«ti*v«  40%  nii  ysur 
nut  Ontin*  furcboM  using 
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Dfeco«iit  bemd  uq  os  atkfhomtJ  I  OS  jti  a 
30%  dbsoust  tor  <jI  $50  o t  note 

Standard  on  to  Mpfiif  5*  !w»d 


DEVICE  DASHBOARD 
SECURITY  APPLICATION 

HELP  DESK 

MONITORING  •  MANAGEMENT  •  OUTSOURCING 


www.interloci.com 


203-622-4673 


A  uthorized  Reseller 
Buy  Sell  Lease  Repair 

New  Refurbished  Used 

Routers  Nortel  DSU/CSUs 

Switches  Memory  3Com 

Hubs  ISDN 

1  877  231  2451 


www.wdpi.com 

Email:  cisco6@wdpi.com 


"This  is  the  way  to  learn!" 

Recognized  for  technical  accuracy,  our  dynamic  courseware  lets  you  engage  with, 
relate  to  and  learn  from  experts  right  at  your  desktop. 


*  Practical  and  proven  -  a  99%  pass  rate! 

*  Convenient  and  affordable 


Take  advantage  of  the  special  offers  below 
and  find  out  why  this  is  the  way  to  learn! 


•  Engaging  presentation 

•  Motivating  instruction 

•  Accurate  information 


Special  savings*  on  these  great  titles: 


Win  2000  MCSA  Core  Series  IS  Sessions  $  79S  reg.ti.09S 

Win  2000  MCSA  Plus  Series  A.  bNcfwoit.  i  27  Sessions  $  1,445  reg  si.925 
Windows  2000  Core  Series  19  Sessions  $  995  <eg.si.iss 

Windows  XP  Professional  6  Sessions  $  370  reg  s  *95 

Office  XP  Professional  Senes  16  Sessions  $  585  <«g  $  m 

Office  2000  Professional  Senes  18  Sessions  $  675  mg  t89s 


N£*RTEL  NETWORKS 


•  Nortel  Service  Contracts  •  Free  Technical  Support  •  Good  As  New  Gear, 


•  Nortel  Service  Renewals  •  Next-Day  Hardware  *ame  35  New  Warranty 

Replacement  ~  ot  Better  Than  New  Prices 


Refurbished  Specials: _ _ 

ASN/2-32mb  Refurbished  Advanced  Stack  Node  Bundle  Special  $2,995 

Includes  AF0002E13-32mb  Redundant  Base  Unit 
lx  34000  Dual  Ethernet,  lx  AF21 11005  Quad  Sync 
lx  AA001 1004  Fast  Packet  Cache,  lx  AF2104013  128  bit  Compression  Module 

BayStack  350T-HD  (AL2012E10)  24  Port  10/100  switch  As  LOW  As  $150 

Refurbished  Grades  may  vary.  "A"  Grade  sale  price  $350.00 
One  Year  Warranty 


BayStack  450-24T  (AL2012E14)  24  Port  10/100  Stackable  Special  $895 

Backbone  Router  Special-AG  1004005  Special  $3,249 

Refurb  kit  includes  Dual  IOOBT  with  the  Fast  FRE2-060-64mb 


NETWORK  •  ONLINE  •  CD-ROM  •  VIDEO 

((•flit'  Natali*  •  (lici*  •  iilit*  •  A  4  •  k  •  *  •  II  a  •  i  •  CIW* 


LonKa 


Learn  From 

1  8u0.865.0165  •  AvailableONLYatlearnkey.com/networld  The  Experts 


a  Iw  Bmht-khm  pHifcaf  mm*  Cwgiigti  m4m« 


Dontwant  used?  Try  our  low  prices  on  new!  Call  Today! 

Call  for  Free  Quote! 


Celeb  raliu 


888-8LANWAN 

(888-852-6926)  : 

National  LAN  Exchange  •  WWW.nle.com 
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The  Hub  of  the  Network  Buy 

M 
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Get  More  for  Today's  Budget! 

Contact  BIZI 
to  SAVE  up  to  80% 

•  50-80%  Savings  off  Retail  List  Prices 

•  120-Day  Warranty 

•  100%  30  Day-Money  Back  Guarantee 

•  Large  Inventory,  Same  day  Shipping 

•  Supplying  Quality  Networking  Products 
for  Over  10  Years  with  In-House  Technical  Support 


Request  a  Quote  on-line  at: 
http://www.bizint.com  or  info@bizint.com 

(877)  438-2494 

or  (315)  458-9606  fax:  (315)  458-9493 

Your  global  partner!  hi  new  &  quality 

We  Buy,  Sell,  Trade  and  Lease...  pre-owned  networking  equipment 


ISCO,  BAY/NORTEL,  3COM,  CABLETRON,  EXTREME,  FOUNDRY,  JUNIPER 


lTIVhl 

COMMUNICATIONS 


PRODUCTS 


We  Buy  and  Sell 

New  and  Refurbished 
Fully  Guaranteed 
Overnight  Delivery 


Routers 
Switches 
Interface  modules 
Access  Servers 
Muxes 
DSU/CSlTs 


CISCO 

Nortel  (Bay)  Networks 
Lucent (Ascend) 

Juniper  -  Extreme  Networks 
Adtran  ■  Larscom  •  ADC  &  others 


800-TO-MULTI  800-866-8584  www.mlcp.com  sales@mlcp.com 


m 

i 

l  CISCO 

New  &  Used  * 

800.451.3407 

90  Castilian  Drive.  Suite  110.  Santa  Barbara.  CA  93117 

Routers 
Switches 
interface  Modules 
Access  Servers 
Accessories 

www.networkhardwarE.com 

BUY  ONLINE 

L _ _ _ 

■ 

■1 

LSI 

NETWORK  HARDWARE  RESALE  Hi 


WEBCAST  PUBLIC  AUCTION 


Auction  By  Order  of  Secured  Parties  in  the  Matter  of 

YVorldStreet,  Beeehfire,  PointOne  &  Others 

11:00AM,  FRIDAY,  MAY  17  •  SANTA  CLARA,  CA 

INSPECTION  SITE:  2865  URANIUM  DR.,  SANTA  CLARA 
Auction  location  to  be  announced 


MUtTIMILLION  DOLLAR  VALUATION  *  SUN  »  CISCO  •  DELL  «  COMPAQ  «  HP 

SERVERS  •  CISCO  SWITCHES  &  ROUTERS  •  DELI,  COMPAQ,  IBM  &  APPLE  PC'S  •  NOTEBOOKS  •  MONITORS, 
17*-2r  •  COPIERS  &  FAXES  •  PRINTERS  •  APCS  •  OFFICE  FURNITURE  &  BUSINESS  EQUIPMENT 


sit  out  mm  for  morf  information: 


www.CowanAlexander.com 

owanAlexander,  llc_ 888-875-SOLD 


Systems: 


i/Memory 


EQUIPMENT 


Also  Available:  Wellfleet,  Bay,  Fore, 
Xylogics,  Livingston,  &  Ascend 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 


COMSTAR,  INC. 

The  * 1  Network  Remarketer 

952*835*5502 

Fax  952*835*1927  E-Malhsales@comstarlnc.com 


Jumpers,  Pigtails,  Termination  Boxes, 
Preconnectorized  Backbone  Cable, 
Mode  Conditioning  Cables, 
Ethernet  Converters  and  Switches, 
CATS  Products,  Photonic  Devices 

wwwiiberdyne.com 

y\  FIBERDYNE  LABS,  INC. 

l-(800)  894-9694 
(315)  895-8470 
Fax  (315)  895-8436 


'®r  View  Cart  Clear  Cart 


FACTORY  DIRECT 
FIBER  OPTIC  PRODUCTS 


FIBER  OPTIC 
SOLUTIONS 


•  T1/E1  &  T3/E3  Modems 

•  RS-232/422/485  Modems  and 
Multiplexers 

•  IBM  3270  Coax,  AS/400  Twinax,  and 
RS/6000  Modems  and  Multiplexers 

•  LAN  -  Arcnet/Ethernet/Token  Ring 

•  Video/Audio/Hubs/Repeaters 

•  ISO  -  9001 

3.  l  TECH 

Toll  Free  866-SITech-1 
630-761-3640,  fax  630-761-3644 

www.sitech-bitdriver.com 
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AUTHORIZED  RESELLER 
Access/Routers/Switches 
Cisco  Livingston  Ascend 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyplex 
Computone  Digital  Link 
Modems  /  DSU  /  Muxes 
IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultfTech  Penril 
Racal  Telebit  Zoom 

WE  BUY  AND  SELL 
www.wrca.net 
800-699-9722 
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|  Boson  Training 

(813)  925-0700 
www.bosontraining.com 
CCIE,  CCNP,  CSS1,  CCNA,  Cisco, 
wireless,  CISSP 

PMG  NetAnalyst 

(800)  645-8486 
www.NetworkTraining.com 
Network  Forensic  Analysis  and 
Security  Training  and  Services 


Learnkey  Inc. 

(800)  865-0165 
www.leamkey.com 
Self-paced  online  CD  network 
certification  developer  bus/apps 


W 


NETg 

(800)  828-2050 
www.wavetech.com 
IT  Certification  Boot  Camps  with 
Guaranteed  Success 


To  Place  Your  Listing  Here 
Call  Enku  Gubaie  at  1-800-622-1108 


Contact  these  companies  today  to  help  you  with  your  training  needs! 


^s’C084i7'- 


Tel:  408.727.1122  [j]eCJMRE% 
Fax:  408.727.8002 


343  1  DE  LA  CRUZ  BLVD. 
WWW.RECURRENT.CDM 


technologies,  inc. 
SANTA  CLARA,  CA  95054 
INFD@RECURRENT.CQM 


its  a 

HO  brainer! 


•  Cisco  Systems  ■  Extreme  Networks  Nortel  Networks 

■  Juniper  Networks  ■  Foundry  Networks  ■  Lucent  Tedmalog 

www.digitalwarehouse.com  .  Alcoiei 


Your  Information  Superhighway  Discount  Source a 


Phone :  800-439-8558 


or  1718-8^^000 

56-29  56th  Drive ,  Mospeth,  NY  11378  USA  Fax:  7 7  8 -894- 1 5. 
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How  does  a  state-of-the-art  workplace  with 
on-site  daycare,  fitness,  and  dining  facilities 
sound?  That's  just  the  beginning  of  what 
NCCI  Holdings  Inc.,  the  leader  in  the  Workers' 

Compensation  data  collection  and  analysis  industry, 
offers  our  team  members.  We've  made  the  commitment  to 

build  our  future  on  the  idea  that  a  successful  business  is  achieved  by  recruiting  and  retaining 
the  best  and  brightest  and  rewarding  their  efforts.  Aren't  you  ready  to  join  a  company  that  has 
achieved  prestigious  recognition  for  our  innovative  family-friendly  programs  and  practices? 


Our  efforts  to  create  "the  2002  workplace” 

haven't  gone  unnoticed. 

*  CFO  Magazine  ranks  NCCI  as  one  of  the 
best  work  places  for  financial  professionals 

«*  Work/Life  Achievement  Award  Presented 
by  Child  Care  Resources  &  Referral 

**  Human  Resources  Association  of  Broward 
County  Best  Practice  Award-Recognition 
for  our  performance  and  compensation 
program 

*•  Workforce  Optimas  Award-National 
recognition  for  our  Human  Resources 
strategies,  policies,  and  programs 


\CCt  Holdings,  Inc. 
www.ncci.com/careers 


If  you  share  our  drive  for  success  and  our 
commitment  to  customer  service,  it's  time 
you  joined  our  team.  Opportunities  may  be 
available  in  these  areas: 

Actuarial  &  Economic  Services 

*•  Corporate  Communications 

Corporate  Finance/Administration 

»  Customer  Operations 

**  Data  Resources 

**  Human  Resources 

Information  Technology 

Legal 

Product  Development 
Regulatory  Services 
Risk  Services 


Drug/smoke-free  workplace  Regretfully,  only  those  candidates  selected  for  further  consideration  will  be  contacted.  EOE  M/F/D/V 


SOFTWARE  ENGINEERS  (8 
positions)  require  Bachelor's 
or  equivalent  in  Engineering/ 
Computer  Science/Mathematics/ 
Science  or  closely  related  field 
with  experience  providing  skills 
in  described  duties,  at  $70,000 
per  year;  Senior  Software  Engi¬ 
neers  (8  positions)  with  Master’s 
or  equivalent  and  experience,  at 
$75,000  per  year.  Provide  on-site 
consulting  in  design,  analysis 
and  development  of  software 
applications  for  legacy  systems 
in  IBM  mainframe  environment; 
development  and  administration 
in  Oracle,  DB2,  SQL  Server  and 
Sybase;  e-commerce  and  web 
applications  development  in 
Microsoft,  Java  and  related 
technologies;  network  manage¬ 
ment  systems  development  with 
Netscape  Server  and  related 
tools;  SAP  Ft/3  applications  on 
Windows  with  DOS  and  ABAP/4 
and  related  modules  40%  travel 
to  client  sites  in  United  States. 
Mail  resumes  to;  Y  &  L  Consulting, 
Inc.,  7550  I  H  10  West,  Suite 
940,  San  Antonio,  TX  78229. 


Lead  Engineer  to  administer 
Local/Wide  Area  Networks  in¬ 
volved  in  the  design,  installation 
and  support  of  network  equip¬ 
ment  and  operating  systems;  to 
implement  and  maintain  switches, 
routers,  remote  access  servers, 
domain  servers,  security  firewalls, 
application  servers  and  Internet 
or  Intranet  devices  and  connec¬ 
tions  Must  have  a  Master's  degree 
in  CIS,  MIS,  Business  Adminis¬ 
tration  or  related  area.  Full  certi¬ 
fication  as  a  Microsoft  Certified 
Network  Engineer  (MCSE)  and 
Cisco  Certified  Network  Associate 
(CCNA),  and  minimum  of  one- 
yea'  expei  lence  in  Local  Area 
Network  (LAN)  and  Wide  Area 
Network  (WAN)  40hrs/wk.  Send 
resume  to  John  G.  Veres  III, 
University  Outreach,  Auburn 
Urmrers+y  at  Montgomery,  600  S. 
Court  St  Ste  110,  Montgomery, 
AL  36104  Ref  C-ode:  AL-RH 


Responsible  for  the  development 
of  medical  practice  computer 
system  based  on  user  require¬ 
ments.  Provide  support  and 
write  specifications  to  effectively 
maintain  and  enhance  system. 
Automate  and  monitor  medical 
practice  flow.  Monitor  the  operation 
of  assigned  application  system 
and  coordinate  corrective  actions 
when  necessary.  Supervise  and 
train  programmers  and  other 
project  team  members.  Will  utilize 
web-based  ASP  application, 
architecture,  design,  development 
and  deployment.  Oversee  the 
development  of  accurate  docu¬ 
mentation  that  complies  with 
company  standards.  Must  have 
a  Bachelor’s  Degree  in  Electron¬ 
ics  and  Telecommunications, 
foreign  degree  equivalent 
accepted  and  2  yrs  of  exp.  in  the 
job  offered.  Salary  Competitive, 
Send  resume  to:  Sharon  R. 
Eades,  Athens  Heart  Center. 
2005  Prince  Ave.  Athens,  GA 
30606 


Programmer/Analyst  (2  openings 
in  Norcross,  GA):  Entry-level 
positions  to  design  software 
system  using  Rational  Rose/ 
Clear  Case.  Code  w/  Java, 
Servlet/JSP,  DHTML,  XML,  Java 
Script,  C++,  VB,  COM/DCOM, 
PL/SQL.  SOAR  Configure  Apache, 
Tomcat,  Crystal  Enterprises/ 
Reports.  Work  w/  SQL  Server, 
MySQL.  Provide  system  support 
for  Windows/Linux.  Req  B.Sc.  in 
Com.  Sc.  or  its  foreign  degree 
equivalent.  No  prior  exp.  req. 
but  must  demonstrate  ability  to 
perform  job  thru.  Course-work/ 
project  in  OOAD  (Rational  Rose/ 
Clear  case),  Java,  C++  & 
Database  systems.  Resume 
w/  transcript  to  Eddie  Mansoori. 
Palatine  Systems  Corp.,  6801 
Governors  Lake  Pkwy.,  Ste  100, 
Norcross.  GA  30071 


♦ 


SR.  SOLUTION  DESIGNER 

Work  as  sr.  consultant  to  lead 
implemntn.  teams  and  mentor 
other  consultants  on  Global 
Logistics  Services  Network 
(GLSN)  implemntn.  methodology; 
monitor  and  audit  design  of 
complete  solutions  for  global 
customers;  promote  appln.  of 
best  business  practices;  function 
as  integral  part  of  GLSN  team 
to  deliver  solutions  for  logistics, 
hi-tech  and  mfg.  markets;  gather 
and  document  GLSN  solutions 
reqmnts.;  dsgn.  GLSN  Delivery 
Net  solutions;  perform  mapping, 
testing  and  implemntn.  of  GLSN 
solutions;  ensure  that  standard 
GLSN  solution  design  supports 
appln.  of  industry-accepted  best 
bus.  practices;  lead  special  global 
projects  to  develop/enhance  the 
co’s.  GLSN  object  model  in  order 
to  meet  bus.  reqmnts.  of  global 
verticals;  utilize  logistics  and 
best  practices  bus.  knowledge 
as  well  as  comp,  progrmng.  and 
supply-chain  bus.  exp.  to  trans¬ 
late  bus,  practices  into  models 
for  GLSN  technology  solutions. 
Master's  degree  in  Comp.  Sci,  or 
Bus.  Admin,  or  equiv.  of  Bachelor’s 
degree  (or  foreign  equiv.)  in 
Comp.  Sci.  or  Bus.  Admin.  +  5 
yrs.  of  progressively  responsible 
exp.  as  Sys.  Analyst  or  in  a 
directly  related  occupation  is 
reqd.  Must  have  working  knowl¬ 
edge  of  supply-chain  bus. 
concepts  of  GLSN,  best  bus. 
processes  in  logistics  and  supply 
chain  environment,  bus.  modeling 
and  simulation  education.  40 
hours/week,  OT  as  reqd.,  8  am- 
5  pm,  $90,000/yr.  Qualified 
applicants  submit  resume  to 
Director,  Pittsburgh/Allegheny 
County  CareerLink,  Attention:  JS 
Supervisor,  425  Sixth  Aenue, 
Suite  2200,  Pittsburgh,  RA  1 521 9. 
Please  refer  to  Job  Order 
Number  WEB239737. 


NIST 

Notional  Institute  o4 

Technoiogy  Administration 
U  S  Deportment  of  Commerce 


Supervisory  Computer  Scientist,  ZP-1 550-1 V  and  V 
Or 

Supervisory  Computer  Engineer,  ZP-0854-IV  and  V 

The  National  Institute  of  Standards  and  Technology  (NIST),  Information  Technology  Laboratory,  is 
seeking  individuals  to  fill  several  Manager  positions  within  the  Information  Services  and  Computing 
Division.  Responsibilities  include  providing  direction,  vision  and  oversight  to  the  programs  and 
resources,  i.e.  personnel,  equipment,  and  services.  Managers  will  work  with  government  and  indus¬ 
try  to  develop  programs  in  areas  such  as;  cyber  security,  networks,  enterprise  systems,  customer 
access  and  support,  communications,  and  application  development.  Incumbents  will  lead  the  planning, 
budgeting,  and  implementation  of  technical  projects  of  considerable  complexity,  applying  a  high  degree 
of  imagination,  creativity,  and  risk  assessment  to  problems  recognized  as  critical  obstacles  to  progress 

Appointments  are  at  the  ZP-IV  and  ZP-V  level  (equivalent  to  GS-14  or  GS-15);  salary  range  $66,229 
-  $126,970.  Applicants  may  review  vacancy  announcement  numbers:  NIST-02-13881550IV-CAH. 
NIST-02-1 3880854IV-CAH,  NIST-02-1 3891 550V-CAH,  or  NIST-02-138910854V-CAH  available  at 
www.usajobs.opm.gov  or  www.jobs.doc.gov/.  Applicants  MUST  apply  on-line  at  www.jobs.doc.gov/  in 
order  to  receive  full  consideration.  US  citizenship  is  required.  The  Department  of  Commerce/NIST  is 
an  equal  employment/affirmative  action  employer. 


Analyst  III 

BOEHRINGER  INGELHEIM 
PHARMACEUTICALS,  INC.  has 
an  immediate  opening  in  its 
Ridgefield,  Connecticut  office  for 
the  position  of  Analyst  III. 

Performs  bioinformatics  analysis 
utilizing  bioinformatics  research 
and  development  skills  in  different 
software  programs/algorithms 
and  databases  related  to  access¬ 
ing  and  analyzing  gene  function 
and  structural  information.  Re¬ 
sponsible  for  design  and  imple¬ 
mentation  of  novel  approaches 
to  mining  in  silico  biology  data  in 
support  of  drug  target  identifica¬ 
tion  and  validation  efforts  against 
inflammatory  and  autoimmune 
diseases. 

Must  possess  at  least  a  Ph.D.  in 
Biology  or  a  related  field  and  at 
least  a  bachelor’s  degree  in 
Computer  Science  or  a  related 
field  and  relevant  experience 
with  bioinformatics  research  and 
development  in  different  software 
programs/algorithms  and  data¬ 
bases  related  to  accessing  and 
analyzing  gene  function  and 
structural  information  and  com¬ 
putational  skills  in  application 
development,  such  as  JAVA, 
PERL  and  Oracle. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above 
and  specify  reference  code 
AD-GCD/GC0502  or  it  will  be 
rejected. 

Forward  resume  to  Bl  Staffing 
Center,  PO  Box  534,  Waltham,  MA 
02454.  Fax  number:  (781)  663- 
2431.  Email:  BIPI@BI-careers. 
com 


Prithvi  Information  Solutions 
International,  LLC,  provides  in¬ 
novative  and  comprehensive  E- 
business,  ERP,  and  E-integration 
solutions,  services,  and  products. 
We  are  looking  for  the  following 
position: 

Systems  Analysts:  Analyze,  de¬ 
sign,  develop,  test,  and  imple¬ 
ment  web  and  Java  technologies 
for  E-commerce  and  enterprise 
applications  using  Java  Servlets, 
Jbuilder,  Visual  Basic  and  VB¬ 
Script,  CORBA,  Oracle  Enterprise 
Server,  and  Visual  InterDev  on 
ADO,  RDO,  and  JDBC  control 
systems.  Candidate  must  be 
able  to  use  functional  knowledge 
of  Enterprise  Resource  Planning 
applications  and  modules  for 
data  manipulation,  technical  ad¬ 
ministration,  and  must  be  able  to 
design  and  implement  enterprise 
applications  using  data  modeling 
and  data  schema  techniques. 
Need  Bachelor's  degree  in  Engi¬ 
neering,  Computer  Science  or 
related  field.  Need  2  years  of 
experience. 

Send  Resume  to:  Prithvi  Infor¬ 
mation  Solutions  International, 
LLC,  214  S.  Craig  St.,  Suite 
#5,  Pittsburgh,  Pennsylvania 
15213  or  via  e-mail  at: 
info@prithvisolutions.com 


MSYS,  Inc.  is  a  leading  computer 
consulting  technology  solution 
provider  in  the  information  Tech¬ 
nology  market.  Our  offices  are 
located  at  South  Plan  Field,  New 
Jersey,  Fremont,  California  and 
Cary,  North  Carolina.  We  are 
looking  for: 

Software  Engineers:  to  Research, 
design,  develop  and  support 
computer  systems.  Evaluate 
software  and  develop  custom 
codes  and  conversions  that 
automate  specific  business 
processes  by  utilizing  SAP,  BW, 
SEM,  APO,  Peoplesoft,  JD 
Edwards,  Webmethods,  Security 
professionals,  Oracle  software 
and  other  database  environment 
and  platforms.  Interact  with  clients 
to  design  software  packages 
based  on  client  specifications. 
Requires  Master's  degree  in 
computer  science  or  related  field 
and  1  year  experience. 

Programmer  Analysts:  to  plan, 
test  and  develop  Internet  based 
programs  like  ERP  packages, 
customer  relationship  manage¬ 
ment,  sales  force  automation 
and  E-commerce.  Interact  with 
clients  to  design  solutions  using 
JAVA,  Distributed  technologies 
like  EJB,  CORBA,  Content  man¬ 
agement  tools  like  Interwoven, 
Documentum,  XML,  XSLT  and 
advanced  technologies  like 
NET,  Web  services  according  to 
client  specifications.  Requires 
Bachelor’s  degree  in  computer 
science  or  Engineering  or  related 
field  and  2  years  of  experience. 

Send  resume  to:  MSYS  Inc, 
140  Iowa  Lane,  Suite  201, 
Cary,  NC  27511,  E-mail: 
info  @  msysinc.com 


Senior  Software  Engineer 

Pitney  Bowes  Inc.  has  an  imme¬ 
diate  opening  in  its  Danbury, 
Connecticut  office  for  a  Senior 
Software  Engineer. 

Expand  the  features  and  capa¬ 
bilities  of  the  Company’s  document 
messaging  product's  mission 
critical  real-time  control  system 
utilizing  OOAD  and  C++  software 
under  WinNT.  Code,  design,  debug 
and  deploy  components  of  this 
large  C++  application. 

Must  possess  at  least  a  bachelor’s 
or  its  equivalent  in  Computer  ScF 
ence.  Engineering  or  a  related 
field  and  relevant  experience 
as  a  Software  Developer.  Must 
possess  experience  using  OOAD 
and  C++  under  WinNT  on  large 
scale,  multi-developer  software 
projects. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above 
and  specify  reference  code 
SSEVC  or  it  will  be  rejected. 

Forward  resume  to  Robbin  Drew 
Elliott,  Pitney  Bowes  Inc.,  One 
Elmcroft  Road.  Stamford,  CT 
06926-0700 


Trainer,  Professional  Services 

Pitney  Bowes  has  an  immediate 
opening  in  its  Lisle,  Illinois  office 
for  a  Trainer,  Professional  Services. 

Design,  create,  update  and 
deliver  courses  for  new  and 
existing  products,  including 
a  print  stream  manipulation 
product  that  enables  the  use  of 
modern  insertion  equipment,  the 
enhancement  of  printed  output 
and  the  interlace  to  print  handling 
tools,  as  well  as  a  suite  of  mailing 
efficiency  and  data  quality  solu¬ 
tions  designed  to  maximize 
postal  discounts  and  tools  for 
dealing  with  customer  tracking 
and  returned  mail  50-70%  travel 
required. 

Must  possess  at  least  a  bachelor's 
or  its  equivalent  in  Computer 
Science  or  a  related  field  and 
relevant  experience  as  a  Trainer 
in  IT  field,  including  hands  on 
experience  in  the  design,  creation 
and  delivery  of  technical  and 
non-technical  training  content; 
and  in  the  delivery  of  technical 
training  in  a  variety  of  hardware 
environments,  including  main¬ 
frames  and  personal  computers. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above 
and  specify  reference  code  TPS 
or  it  will  be  rejected. 

Forward  resume  to  Robbin  Drew 
Elliott,  Pitney  Bowes  Inc.,  One 
Elmcroft  Road,  Stamford.  CT 
06926-0700. 


Assoc  Dir.  of  Tech,  sought  by 
software  solutions  firm  to  develop 
product  technologies  in  areas  of 
equities  using  ARMA/ARCH/ 
GARCH  models,  electronic  pay¬ 
ments,  embedded  software  and 
POS  tech  for  SmartCard  enabled 
apps.  Must  have  B.S.  In  Comp. 
Sci  or  Engg.  +  5  yrs.  exp.  Reply 
to:  S.  Sangisetti,  630  Freedom 
Business  Center,  Ste  300,  King 
of  Prussia,  PA  1 9046. 


Director  of  Eng.  to  design  soft¬ 
ware  applns  for  interactive  real 
time  data  analysis/data  mining  in 
J2EE  arch,  using  Java.  Servlets. 
JSP,  XML.  BEA  logic  and  Oracle 
on  Windows  95/NT.  Must  take 
hands-on  role  in  sales  and  client 
development  Oversee  offshore 
product  devel  &  company  website 
mamt.  Salary  $80K  Job  location 
is  Boston,  MA  Requires  BS  in 
Eng.  or  Comp.  Sci.  or  Equiv  ,  5 
yr  exp.  in  Enterprise  System/ 
Distributed  Appln  Software  Devel 
Must  have  certification  in  Java, 
expertise  in  J2EE  technologies 
Apply  to  Desai  Technologies, 
260  Firestone  Drive.  Walnut 
Creek,  CA  94598  with  proof  of 
work  authorization. 
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Software  Engineer  sought  by 
NJ  based  Securities  Dealer. 
Must  possess  Master's  Degree 
or  equivalent  in  Computer  Sci¬ 
ence  or  directly  related  field 
and  1  year  exp.  in  the  software/ 
systems  development  and  design 
Respond  to:  Human  Resources 
Department:  Knight  Trading 
Group,  Inc.,  525  Washington 
Blvd.,  Jersey  City,  NJ  07310. 


Senior  Consultant  (multiple 
positions  available)  needed  for  IT 
consulting  firm.  Position  involves 
Oracle  database  administration 
and  database  development.  Duties 
include  analysis  of  business  needs 
and  design  of  solutions  using 
Oracle.  Will  use  Oracle  Developer 
and  Designer  tools,  VISIO,  and 
TOAD.  Work  will  be  performed 
for  various  clients  located 
throughout  the  western  U.S. 
Must  have  related  college  degree 
and  5  yrs.  exp.  developing  Oracle 
applications  which  include  at  least 
2  yrs.  of  Oracle  DBA  exp.  and  use 
of  Oracle  tools  referenced  above. 
Send  resume  with  cover  letter  to 
Netcliff,  Inc.  Attn:  Hiring  manag¬ 
er  4585  Stevens  Creek  Blvd. 
#300  Santa  Clara,  CA.  95051 . 


Software  Engineer  needed  for 
software  development  and 
consulting  company  located  in 
San  Francisco,  CA.  Job  duties 
include:  Involved  in  analysis, 
design,  development  and  imple¬ 
mentation  of  computer  software 
applications  in  a  web  based 
environment  for  clients  located  in 
the  Bay  area  as  well  as  throughout 
the  U.S.  Engage  in  object  oriented 
design  and  analysis  and  work 
with  distributed  applications.  Use 
Java,  Corba,  SQL,  EJB,  C,  and 
UNIX.  Applicant  must  have  M.S. 
degree  in  computer  science, 
math,  business  or  engineering. 
Applicant  must  also  have  1  yr.  of 
exp.  in  the  job  duties  listed 
above.  E-mail  resume  to: 
sfrecruitingad  @  spherion.com 


MCG,  an  investment-consulting 
firm  located  in  downtown  Chicago, 
is  seeking  a  Network  Specialist 
with  Bachelor's  Degree  in 
Computer  Science.  Please  send 
resume  to  IT  Director  sscott 
@  marcoconsulting.com  or  fax  to 
(31 2)  575-9840.  No  calls  please. 
EOE. 


Job  Description  (Advertsiment): 
Programmer  Analyst, Must  have 
Bachelors  in  Comp.  Engineering 
or  Science  besides  two  years 
of  experience  in  designing  and 
developing  and  maintaining  of 
web  systems  of  Supply  Chain 
and  Order  Managements  Sys¬ 
tems  using  HTML,  ASP,  ADO 
objects,  Visual  Basic  Objects 
and  Visual  Basic  web  classes  for 
MS-DOS,  UNIX,  Windows  95/ 
98/NT:  designing  RDBMS  in  IIS 
and  Oracle  8.0  and  MS  SQL 
Server  6.5  7.0;  etc. 

Respond  to  HR  Manager., 
Anthem  Technologies,  Inc.,  77 
West  Elm  Wood  Drive,  Suite 
113,  Dayton,  OH  45459. 


Call  your 
ITcareers  Sales 
Representative 
or  Janis  Crowley. 

1-800-762-2977 


Yashoda  Systems  Inc.,  the  Pre¬ 
mier  IT  consulting  and  develop¬ 
ment  firm  leading  the  Way  into 
the  new  millennium  with  its  solu¬ 
tions  for  all  the  hi-tech,  networking 
and  web  based  programming 
needs.  We  are  looking  for  the 
following  positions: 

Software  Engineers:  Research, 
design,  develop,  implement  and 
customize  Client-Server  Appli¬ 
cations  using  Oracle  Financials 
and  Developer.  Customize  Inter¬ 
faces,  Payable  Order  Reports, 
Conversions,  Manage  New 
Products  or  Enhance  Existing 
Products  by  using  VB,  SQL 
Server,  PERL,  XML,  Generating 
SQR  Reports  and  even  need  to 
be  very  strong  in  Imaging  Soft¬ 
ware  and  Data  Modeling  System. 
Involve  in  Database  Develop¬ 
ment  by  Writing  and  Implement¬ 
ing  Packages,  Stored  Procedures, 
Triggers  and  Functions  using 
PL/SQL.  Analyze  Business 
Rules,  Solve  Production  Problems, 
Redefine  and  Convert  Data  to  a 
required  Form.  Requires  a 
Master’s  in  Computer  Science  or 
a  related  field  and  2  years  of 
experience. 

Programmer  Analysts:  Design 
and  develop  client-server  appli¬ 
cations  using  Oracle  Financials. 
Customize  payable  order,  con¬ 
versions,  interfaces,  manage 
new  products  or  enhance  existing 
products  using,  VB,  SQL  Server, 
PERL,  ASP,  and  XML.  Analyze 
business  procedures,  solve 
problems,  redefine  and  convert 
data  to  a  programmable  form. 
Requires  a  Bachelor’s  in  Com¬ 
puter  Science  or  related  field  and 
2  years  of  experience. 

Send  Resume  to:  Mr.  Vamshi 
Chinthalapani,  Yashoda  Systems 
Inc.,  7100  Regency  Square, 
Suite  230-4,  Houston,  TX-77036 
or  via  email  at:  resumes® 
yashodasystems.com 


Glovia  Int'l,  El  Segundo,  CA 
Consultant  (Systems 
Support  Analyst) 

BS  in  Cmptr  Sci,  Info  Systems  or 
related  area.  Must  be  bilingual  in 
Japanese  &  English.  Requires 
up  to  75%  monthly  travel  to  client 
sites.  Works  as  part  of  consulting 
team  on  ERP  software  product 
implementations.  Evaluate  clients 
internal/business  processes; 
troubleshoot  application  issues 
&  provide  end-user  training. 
Send  resume  to:  HR  @  glovia.com 
in  MS  Word  format.  U.S.  work 
auth.  req. 


Software  Engineer  wanted  w / 
BS  &  2  yrs.  exp.  in  Oregon.  Send 
resume  to:  HR  Dept.,  Scicom 
Americas,  Inc.,  1500  S.  Dairy 
Ashford,  Ste  241 ,  Houston,  TX 
77077. 


Software  Engineer.  Design  and 
implement  GUI  application  by 
using  Java  and  C++  for  developing 
and  maintaining  data  collection 
and  disposal  program  of  medical 
equipment;  implement  and 
transfer  GUI  and  other  related 
English  application  to  Chinese 
version  for  customers’  need.  Min 
BSCS  plus  3  years  exp.  Send 
resume  to:  Mr.  John  YE,  Ame 
Engineer,  Inc,  409  Deleon  Ave., 
Fremont,  CA  94539.  EOE 


iS3C  Inc  is  a  professional  software 
consulting  company  providing  a 
range  of  Consulting  Service  in 
E-Commerce,  ERP,  EAI  and  C/S 
technologies.  We  have  immediate 
fulltime  openings  for  the  following 
positions.  Programmer  Analyst, 
DBA's,  Systems  Analyst,  Project 
Leaders,  Project  Managers  and 
Software  Engineers  with  minimum 
1  year  experience  in  any  of  the 
following  skills: 

1 .  Websphere  Commerce 

2.  E-commerce  (WCS)  Solution 
Architect 

3.  Broadvision 

4.  MQ  Series  Integrator,  Web- 
methods  B2B 

5.  Oracle  Apps:  Manufacturing, 
Finance 

6.  SAP:  ABAP/4,  APO,  FI/CO, 
SD/MM,  MM/PP,  HR  and  Business 
Connector 

7. BaaN:  Manufacturing,  Finance, 
Distribution,  EDI,  Baan  Tools 
and  SCM 

Bachelors  or  Masters  degree 
required  in  accordance  with 
positions.  We  will  accept  the 
foreign  equivalent  of  the  education 
and/or  its  equivalent  in  education 
and  experience.  Send  fax  or 
email  your  resume  (please  state 
publication  and  position)  to  Attn: 
Kimber  Minix,  535  E.  Diehl 
Road,  Suite333,  Naperville, 
IL-60563,  email:  kimberm® 
iS3C.com 

www.iS3C.com  EOE 


International  Software  Consult¬ 
ing  Inc.  is  seeking  multiple  posi¬ 
tions  in  the  following  areas: 
Software  Engineers:  Involves 
research,  analysis,  design  and 
development  of  Internet  programs 
for  Web  based  knowledge  man¬ 
agement,  customer  relationship 
management,  sales  force-automa¬ 
tion,  and  e-commerce,  knowledge 
in  Java  or  C++  and  HTML  pro¬ 
gramming  is  preferred.  Requires 
Masters  degree  in  Computer 
Science  or  equivalent  with  1- 
year  experience. 

System  Analysts:  Involves  plan¬ 
ning,  developing,  testing,  and 
documenting  Internet  based 
programs.  Need  to  develop  JAVA 
or  C++  and  CORBA  based  soft¬ 
ware  programs  on  Microsoft  or 
UNIX  environment.  Requires 
Bachelor's  degree  in  Computer 
Science  or  Equivalent  with  1  + 
years  experience. 

Programmer  Analysts:  Involves 
planning,  developing,  testing, 
and  documenting  Web  enabling 
of  legacy  systems.  Need  to 
develop  DB2,  COBOL,  CICS, 
Java  or  C++,  C#,  Visual  Basic 
software  programs  on  Microsoft 
or  UNIX  environment.  Requires 
Bachelor's  degree  in  Computer 
Science  or  Equivalent  with  1  + 
years  work  experience. 
Database  Administrators:  Involves 
research,  analysis,  design  and 
development  of  database  appli¬ 
cations  using  Oracle,  SQL  Server 
or  Sybase  like  RDBMS.  Experi¬ 
ence  in  backup  recovery,  user 
maintenance,  stored  procedures, 
triggers  and  database  adminis¬ 
trative  tool(s)  is  required.  Requires 
Bachelor's  degree  in  Computer 
Science  or  equivalent  with  1  + 
year  experience. 

Submit  your  resume  to  Interna¬ 
tional  Software  Consulting,  Inc., 
2825  Wilcrest  Dr.  #318,  Houston, 
Texas  77042. 


Learning  Resource  Coordinator. 
Master's  deg  &  exp  as  systems 
eng  or  in  higher  ed.  preferred. 
Maintain  info  systems  &  maintain 
&  update  web  site  and  related 
links.  Develop  database  app's  for 
users.  Assist  students  in  learning 
center.  Install  &  maintain  sw. 
Day  to  day  responsibility  for 
maintaining  network  of  PC's  & 
software  app's.  Also  collect  data 
for  school  reports  8  communicate 
w/dean  &  unit  mgrs.  Needs  ef¬ 
fective  communication  &  inter¬ 
personal  skills,  detail  oriented, 
indep  judgment.  Must  have  1  yr 
exp  using  XML,  UML,  Corba  & 
testing  tools.  Submit  resumes  & 
3  Itrs  of  ref  to  Southern  Univ  & 
A&M  College,  PO  Box  11794, 
Baton  Rouge,  LA  70813. 


OUR  PEOPLE  MAKE  THE 
Difference  WAL-MART 


Stores,  Inc. 


We’re  Looking  for  the  Future  Leaders  of  Tomorrow 


Wal-Mart  Stores,  Inc.  has  been  recog¬ 
nized  by  Fortune  Magazine  as  one  of  the 
most  admired  companies  in  the  world. 
As  our  company  continues  to  expand, 
so  does  the  opportunity  for  first-class, 
talented  people  to  guide  the  future  of 
one  of  the  most  successful  and 
innovative  growth  companies  in  the 
world. 

Put  your  career  on  a  fast  climb  and  help 
us  continue  to  set  the  industry  standard 
in  information  technology. 

•  UNIX  -  C,  C++,  Administration, 
Engineering,  Informix  DBAs 

•  NT  Workstation  -  VB,VC++, 

Java,  ASP,  XML 

•  IBM  Mainframe  -  COBOL, 

CICS,  DB2  and  IMS  DBAs 

•  Networking  -  Ethernet,  VSAT, 
Frame  Relay,  ATM 

•  Telecommunications 


(V 

Ready  to  do  it  all?  Candidates  interested 
in  joining  our  team  should  forward  a 
resume  to: 

Wal-Mart  Information  Systems  Division 

Attn:  Recruiting  Department 

805  Moberly  Lane  M4 1 

Bentonville,  AR  72716-0560 

Fax:  (479)  277-4227 

E-mail:  ISDADS@wal-mart.com 

For  more  information,  call  toll-free: 
1-888-JOBS-ISD  or  visit  our 
Web  site  at: 

www.walmartstores.com 


Wal-Mart  Is  An  Equal  Opportunity  Employer.  M/F/D/V 
*2000  Wal-Mart  Stores,  Inc. 


Dantz  Development  Corp.,  seeks 
Sr.  Prog.  Mgrs.  for  Seattle,  WA. 
DESC:  Det  user  reqs  &  tech 
specs  based  on  analysis  of  exist, 
info  sys.  Dir  dsgn  &  dev  of  back¬ 
up/restore  prods  &  apps  for 
virtual  SAN  &  scaleable  sys 
arch,  inc  file  sys  internals  &  RAID 
tech.  Dev.  functional  &  operation 
specs,  features,  &  Ul  to  facilitate 
comm,  of  data  formats  &  trans. 
processes  bet.  new  &  existing 
sys  devices  &  apps.  Analyze  & 
coord  dev  &  test  of  new  prod, 
versions  util  internet  &  database 
protocols.  REQS:  BS  in  Engr., 
CS,  Math,  or  Phys  +  2  yrs  exp. 
dsgn  &  dev  databases  &  s/w 
apps  util  OO  design  &  prog  meth, 
HLL,  &  internet  technologies.  1 
yr  exp  dsgn  &  dev  SAN  or  NAS 
systems  prods  &  apps  util  file 
sys  internals  &  RAID  tech.  Com¬ 
petitive.  sal  +  benes  &  options. 
Pis.  send  resumes  to  Jobs® 
Dantz.com.  You  must  include 
Reference  #JS-102.  Dantz 
Development  Corporation,  4 
Orinda  Way,  Building  C,  Orinda, 
CA  94563.  Principals  only. 

Equal  Opportunity  Employer 


♦ 


Staff  Operations  Analyst  wanted 
by  insurance  company  in 
IGalveston,  TX.  Respond  to: 
HR  Dept.,  American  National 
Insurance  Company,  One  Moody 
Plaza,  Galveston,  TX  77550. 


Senior  Business  Analysts:  Oracle 
Apps.  1 0.7/1 1 .03/1 1  i/PeopleSoft 
7.0/7.5/8.0;  Adds  DBAs:  Oracle 
RDBMS  7.x/8i/9i,  Oracle  Apps. 
1 0.7/1 1 .03/1 1  i  upgrade  &  migra¬ 
tion,  ERWIN,  SQL  Server  RDBMS, 
SQL  Server  2000/7.0/6.5/6.0  on 
Solaris/HP  Unix/Windows  NT/ 
2000  platforms.  Oracle  Adds. 
Programmer  Analysts:  Oracle 
Apps  1 0.7/1 1 .03/1 1  i  (modules-GL, 
AP,  AR,  FA,  PO,  INV,  OE/OM, 
HRMS,  Service).  Customize 
Oracle  Apps  using  Oracle  De¬ 
veloper  6i/JDeveloper  for  service 
modules.  Senior  Programmer/ 
Analyst:  Oracle  PL/SQL,  Oracle 
8i,  Oracle  9i,  9iAS,  Developer 
2000/6i;  Siebel  CRM/Oracle 
CRM  Configurator  and  Technical 

Proarammer/Analvsts:  Siebel 
suite  incl.  Communications  2000, 
Call  Center,  Energy  '00,  Tools 
6.3/7.0/Oracle  CRM  31/1 1i.  Se¬ 
nior  DBAs:  Sybase  12.5/12.0/ 
11.1/10.x/0racle  database  7.x/ 
8i/9i  Senior  Network  Engineer/ 
Certified  Microsoft  Trainers: 

MCSE,  MCT  &  Cisco  certifica¬ 
tions.  Prevailing  wage/benefits. 
Consulting  positions  requiring 
travel.  To  apply,  send  resume 
identifying  position(s)  interested 
to  HR,  BPO  Systems,  3333 
Vincent  Road,  Suite  216,  Pleasant 
Hill,  CA  94523.  EOE. 


COMPUTERS,  Database  Ad¬ 
ministrator  w/exp  in  Oracle  DBA 
Administration,  administration  of 
Linux  &  NT  based  LAN  &  WAN. 
Programming  in  C,  C++,  Oracle 
Forms/Reports,  Pro'C,  SQL,  & 
PL/SQL.  Send  resumes  to  Biwer 
&  Associates,  Inc.,  1050  Walnut 
Ridge  Drive,  Hartland  Wl  53029. 
Attn:  HR  Dept. 


OmniPros,  a  worldwide  provider 
of  software  solutions  seeks 
motivated  IT  professionals 
specializing  in  the  following 
areas: 

Java,  J2EE,  Oracle,  WebLogic 

Webmethod 

Vitria 

Tibco 

Portals 

Oracle  CRM  (Technical,  1 1  i) 
Oracle  Manufacturing  (Technical/ 
Functional,  1 1  i) 

Oracle  Finance  (Technical,  1 1  i) 
Business  Development/Technical 
Operations  Management 

Please  e-mail  resume  to 
careers@omnipros.com,  fax 
resume  to  (925)  249-1702,  or 
mail  resume  to: 

OmniPros  Ltd. 

301 5  Hopyard  Road  Suite  T 
Pleasanton,  CA  94558 
www.omnipros.com 


PROGRAMMER  ANALYST 
sought  by  NE  Ohio  Ins.  Co. 
to  maintain  existing  Smalltalk 
application  to  analyze  user 
requirements/procedures/prob¬ 
lems,  confer  with  personnel/ 
analyze  current  operational 
procedures;  review  computer 
system  capabilities  to  modify 
programs;  troubleshoot;  formulate 
plan  using  object-oriented 
analysis  of  compatibility  of 
software/hardware;  modify/ 
create  programs  from  detailed 
specifications;  perform  on-call 
support.  Min.  4  yrs.  In-job  or 
job-related  exp  with  mentoring, 
Smalltalk,  automated  testing. 
UML,  RDBMS  through  MF 
transactions,  Rational  Rose,  GUI, 
persistence  &  Controller  archi¬ 
tecture  and  design  patterns 
Resumes  to  Progressive 
Insurance,  SCBHB1,  300 
N.  Commons  Blvd.,  OHT63, 
Mayfield  Village,  OH  44143. 
No  calls.  EOE. 


WW20S06WMW5 


Computerworld  •  Inf o World  •  Network  World  •  May  6,  2002 


Senior/Staff  Engineer 

Pitney  Bowes  Inc.has  an  imme¬ 
diate  opening  in  its  Shelton. 
Connecticut  office  for  a  Senior/ 
Staff  Engineer. 

Design  and  code  Shipping 
Applications  on  AS/400  using 
POM.  SDJ  and  RPG. 

Must  possess  at  least  a  bachelor's 
or  its  equivalent  in  Computer  Sci¬ 
ence,  Engineering  or  a  related 
field  and  relevant  experience  as 
a  Software  Engineer  including 
programming  in  RPG  and  AS/ 
400.  CCL,  PDM,  SDJ  and  RPGIV. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above 
and  specify  reference  code 
SSEKS  or  it  will  be  rejected. 

Forward  resume  to  Robbin  Drew 
Elliott,  Pitney  Bowes  Inc.,  One 
Elmcroft  Road,  Stamford,  CT 
06926-0700. 


Web  Programmer  to  encode,  test, 
debug  and  document  various 
enterprise  B2B  messaging  pro¬ 
grams  using  Java,  Java  Servlets 
and  JSP,  to  test  and  document 
modifications  and  write  operator 
instructions,  to  program  specific 
data  models  and  modify  the  ex¬ 
isting  software  products  according 
to  client's  requirements  and 
implement  modifications  to  the 
interrelation  of  files  and  records 
within  programs  in  consultations 
with  higher  level  staff.  Req. 
a  Master  degree  in  Computer 
Science  or  a  related  science. 
40hrs/wk.  Send  resume  to 
Candace  Nelson,  Sevista  Tech¬ 
nologies.  Inc.,  5550  Peachtree 
Pkwy,  Suite  650,  Norcross,  GA 
30092.  Ref.  Code:  GA-ZLW. 


ExImWare  is  Delaware  based  a 
s/w  and  services  company  for 
global  agriculture  trade  markets. 
We  have  following  2  positions 
available:  Marketing  and  Business 
Strategy  Directors.  Min.  3  yrs.  of 
global  trade  experience  at  a  sr. 
level,  and  1  yr.  in  s/w  ind.  is  req'd. 
Exp.  in  managing  trade  finance, 
trade  logistics,  bus.  &  tech, 
alliances  and  international  trade 
of  cocoa,  coffee,  sugar,  rice,  or 
soy  is  a  big  plus.  Jobs  require 
extensive  travel.  Undergraduate 
degree  in  business,  computer 
science,  economics  or  commerce 
is  a  must.  MBA  or  equivalent 
is  preferred.  Send  resumes  to: 
career@eximware.com 


Responsible  for  design  and 
development  of  medical  practice 
computer  system  based  on  user 
requirements.  Duties  include 
computer  network  management, 
system  acknintstratxxi  and  database 
design  and  maintenance  using 
SQL  7.0,  SQL  2000,  HTML  4.0, 
MS  Frontpage,  JavaScript,  VB 
script,  XML,  JAVA.  Must  have  a 
Bachelor’s  Degree  in  Computer 
Science  &  Engineering  and  2 
years  of  experience  in  the  job 
offered  or  position  with  the  same 
duties.  Send  resume  to:  Athens 
Heart  Center,  2005  Prince  Avenue, 
Athens,  GA  30606,  attn:  Sharon 
Eades. 


Software  Developer 

Full  life  cycle  configuration  of 
Siebel  implementation,  integration 
&  testing  in  Siebel  2000.  Must 
have  BS  or  equiv.  in  CS  or  EE  or 
related  &  3  yrs.  exp.  or  3yrs.  exp. 
in  a  related  position  w/ability  to 
use:  Siebel  and  MS  Windows. 
40.0  hrs./wk  8:00  AM  -  5:00  PM 
$82,660/Yr. 

Applicants  send  cover  letter 
and  resume  to: 

Ambrish  R  Kochikar 
Cyber  Korp,  Inc. 

9667  B  Main  Street 
Fairfax,  VA  22031 


Senior  Programmer  Analyst 

Pitney  Bowes  Inc.  has  an  imme¬ 
diate  opening  in  its  Stamford, 
Connecticut  office  for  a  Senior 
Programmer  Analyst. 

Provide  advanced  software  sup¬ 
port  and  development  for  existing 
and  new  Worldwide  Postage  by 
Phone  installations  including 
system  support,  troubleshooting 
and  system  installations. 

Must  possess  at  least  a  bachelor's 
or  its  equivalent  in  Computer  Sci¬ 
ence  or  Computer  Engineering 
and  relevant  experience  with 
Visual  Basic  3.0  -  4.0,  SQL  Data¬ 
base  Application  programming 
using  ODBC/RDO  and  Client/ 
Server  architecture  and  Microsoft 
SQL  Server  and  Windows  NT 
operating  system. 

Resume  and/or  cover  loner  must 
reflect  each  requirement  above 
and  specify  reference  code  SPA 
or  it  will  be  rejected. 

Forward  resume  to  Robbin  Drew 
Elliott,  Pitney  Bowes  Inc.,  One 
Elmcroft  Road  Stamford,  CT 
06926-0700. 


Programmers,  Jr.  Programmers, 
Software  Engineers  &  DBAs 
Design,  develop,  test  and  imple¬ 
ment  specialized  software  apps 
using  (a)  PVCS  Tracker,  StarTool, 
Lotus  Notes,  Comparex,  C,  C++, 
Oracle,  COBOL,  Test  Director 
and  related  testing  tools:  (b)  Web 
logic,  Corba,  Java,  SAP,  ABAP/4, 
Visio,  Rational  Rose,  Clearcase, 
Cold  fusion;  (c)  Sybase,  Lotus 
notes,  Replication  Server,  Toad, 
Rapid  SQL,  C,  C++,  PFC,  Power 
Designer,  Rational  Rose;  (d) 
Cold  Fusion,  Rational  Rose, 
Sybase,  IIS,  Iplanet,  XP,  ASR  XML, 
JSP,  Oracle;  (e)  Websphere, 
Homesite,  Corba,  Rational  Rose, 
Oracle,  EJB,  C,  C++,  DB-2,  Web 
sphere  Studio,  C,  C++;  (f)  Oracle/ 
Sybase  DBA  and  Adaptive  Server 
for  manufacturing  and  service 
organizations;  (q)  Peoplesoft 
Financials-AR,  AP,  GL,  Oracle, 
Peopletools,  Peoplecode,  nVision, 
Crystal  Reports;  (h)  Informix,  DG/ 
UXF  4.1 1 ,  DYNIX/PTX,  C,  Oracle, 
Unix,  SQL  Forms  and  Pro’C.  US 
Workers  only.  Consulting  positions 
requiring  travel.  Prevailing  wage/ 
benefits.  Send  resume  to  HR,  SSG 
3300  Buckeye  Rd.,  Suite  555, 
Atlanta,  GA  30341,  identifying 
interested  position(s). 


Manager  of  Technology,  Law- 
renceville,  GA.  Direct/manage 
telecom  testing  &  network  QA 
projects  to  analyze,  evaluate,  & 
optimize  network  performance 
using  network  signaling  (SS7, 
PCS-1900,  GSM,  ISDN),  trans¬ 
mission  (PCM,  PDH,  SDH),  & 
datacom  (Frame  Relay,  ATM) 
technologies.  Must  have  B.S. 
telecom  engineering  plus  3  yrs 
exp  in  telecom  engineering/ 
mgmt.  Employer  will  accept  6  yrs 
exp  in  telecom  engineering/ 
mgmt  in  lieu  of  B.S.  Must  have 
unrestricted  authorization  to 
work  in  U.S.  Respond  to  HR 
Dept.,  RANTEC,  PO  Box  2164, 
Lawrencville,  GA  30046 


Gtotech  Solutions,  inc:  A  Software 
Development  and  consulting 
company  based  in  Lawrenceville, 
New  Jersey  needs:  Software 
Consultants  with  solid  back¬ 
ground  in  some  of  the  following 
technologies:Java,  J2EE,  XML, 
Web  Development,  C,  C++,  VC++, 
MFC,  UNIX/NT/Win  2000,  Web 
Technologies/E -Commerce  (CGI. 
Perl,  Scripting),  Oracle/Sybase/ 
Informix/SQL  Server/DB2,  OLAP, 
Financial  Industry  Expertise, 
Client/Server,  OOD/OOA,  COM/ 
DCOM/CORBA,  ASP,  Visual 
InterDev. 

Please  send  resumes  to  resumes 


Several  computer  related  posi¬ 
tions  available  for  large  trans¬ 
portation  and  logistics  services 
company.  Degree,  technical  skills 
&  experience  vary  per  positions. 
Send  resume  to:  vivianirizarrv 
@  ups.com  or  United  Parcel 
Service,  P.O.  Box  833,  Mahwah, 
NJ  07430,  Attn:  Vivian  Irizarry, 
A-563,  Ref.  #1 .  Employer  will  not 
sponsor  visas  for  position. 

Software  Engineer  -  Piscataway, 
NJ.  Require  experience  in  devel¬ 
oping  client/server  applications 
using  Sybase,  Powerbuilder,  Unix, 
NT  and  Cognos  Powerplay. 
Attractive  compensation  package. 
Send  resume  to  Phillip  M.  Brown, 
The  Janus  Group,  Inc.  200 
Centennial  Avenue,  Suite  #  203, 
Piscataway  NJ  08854. 

Systems  Administrator,  IS/IT 
Consulting  Co.,  Edison,  NJ.  Must 
have  Bachelor's  degree  in  Comp. 
Sc.,  Engg.  4  yrs  of  exp.  in  the 
job  duties  or  Comp.  Software 
Development  and/or  Consulting 
and  proficiency  in  UNIX  (or  UNIX 
type  e.g.  Solaris,  AIX)  Systems 
Administration.  Send  resume  to 
HR  Dept.,  Ref#  GG81 63,  Savant 
Consulting  Group,  505  Thornall 
St.,  Ste.  205,  Edison,  NJ  08837 
or  fax  to  732-744-0135  (no 
phone  calls  please). 


Software  Developer  IPs  needed 
to  dsgn,  implmt,  maintain,  test 
single  product  modules/sub-sys- 
tems  using  SQL  Server  prgmg  in 
FORTE,  PB,  Smalltalk,  C++  &/or 
OOD  on  AIX,  HP/UX,  SUN  &/or 
Win  NT  operating  systems.  Apply 
to  Job  #350-03-03,  EXE,  300 
Baldwin  Tower  Blvd,  Eddystone, 
PA  19022. 


Technical  Support  Specialist: 
Evaluate  &  test  vendor-supplied 
software  packages;  modify,  test 
&  correct  hardware  &  software 
problems;  write  recommendation 
for  recovering  losses  &  using 
backup  equipment;  assist  users 
to  resolve  computer-related 
problems  &  train  employees. 
Req.:  2  yrs  in  job  offered  or  2  yrs 
in  related  occupation.  Send 
resume  to  Taylor  Construction, 
8607  Roswell  Rd.,  Dunwoody, 
GA  30350.  Ref  RB 


Software  Engineer  req'd  by  NY 
IT  Co.  must  have  Master's  in  Info 
Sys/Comp.  Sci./Engg  or  eqvlt  & 
1  yr  exp.  in  designing,  developing, 
implementing  &  testing  web 
based  applications  utilizing 
Oracle,  Sybase,  J2EE,  Java 
API's,  HTML,  XML,  UML,  Web¬ 
sphere  3.5  &  Web  Objects  4.0 
and  engaging  in  internet  related 
technologies  focusing  on  elec¬ 
tronic  commerce  &  information 
management.  Respond  to  HR 
Dept.  Columbia  I.S.  Consulting 
Group,  257  Park  Avenue  South, 
7  FI,  NY,  NY  10010 


Software  Engineer  reqd  by  a 
Biotechnology  company  in  CT. 
Must  have  Bachelor’s  degree  in 
Comp.  Science/Engg/Eqvlt  and 
2  yrs  exp  in  analyzing,  designing, 
developing,  testing  and  imple¬ 
menting  enterprise  applications 
utilizing  RUP,  OOAD.  Design 
Patterns,  UML,  Rational  Rose, 
Data  Modeling,  ERD,  Power 
Designer,  Oracle,  OOP,  JDK, 
J2EE,  JSSE,  JAXP,  XML,  XSL, 
CSS,  Apache  and  Weblogic  in 
multi-tier  environment  under 
Windows  NT,  AIX,  UNIX  plat¬ 
forms.  Respond  to  HR  Dept., 
Agilix  Corporation,  2  Church 
Street  South,  #401 ,  New  Haven, 
CT  06519. 


Sr.  Software  Engineer,  Mt.  Laurel, 
NJ.  Must  have  Master's  degree 
in  Comp.  Sc.  or  Mathematics.  5 
yrs  of  exp.  in  the  job  duties  or 
Comp.  Software  Development 
and/or  Consulting  and  proficiency 
in  OOP,  OOD,  math  modeling, 
VC++,  RDBMS  (e.g.  SQL  Server), 
rational  rose  and  CORBA.  Send 
resume  to  HR  Dept.,  Ref# 
GG8148,  Price  Systems,  LLC, 
1 7000  Commerce  Parkway,  Ste. 
A,  Mt.  Laurel,  NJ  08054  or  fax  to 
856-608-7247  (no  phone  calls 
please). 


Sr.  Analyst 

Analyze,  design,  and  test  project 
specifications  based  on  a  client's 
need.  Must  have  Bachelors  degree 
in  Business  or  CS  or  Related  & 
3yrs.  exp.  or  3yrs.  exp.  in  related 
position  w/ability  to  use:  SQL 
Server,  ASP,  JavaScript,  VBScript 
&  Visual  Interdev.  40.0  hrs./wk 
8:00  AM  -  5:00  PM 
$85,000/Yr. 

Applicants  send  cover  letter  and 
resume  to: 

Kumar  Markandan 
Software  Systems  &  Solutions,  Inc. 
1945  Cliff  Valley  Way,  #270 
Atlanta,  GA  30329 


Multiple  IT  positions  available 
for  ERP/E-Com.  Requires  B.S. 
Computer  Science  or  related 
field  &  2  yrs  exp  in  design, 
development,  testing  &  imple¬ 
mentation  of  software  in  any  of 
the  following  areas:  SAP  (any 
module),  Oracle,  XML,  JAVA, 
EJB,  COBOL,  C/C++,  AS/400, 
Mainframe  Interlaces,  Web  inte¬ 
gration  tools  &  Data  Trasfer  for 
sales,  service,  finance,  wireless 
&  e-commerce  applications.  Also 
looking  for  QA  Tester  with  2  yrs 
in  prep  of  test  plans  &  in  prep  of 
BRD  and  SRS  in  Client  Server  & 
Mainframe  environmnet.  Send 
resume  to:  NexLink  Systems, 
Inc,  2517  Grendon  Drive, 
Wilmington,  DE,  19808. 


Systems  Analyst/Programmer 
wanted  by  Consulting,  Software 
Developer  &  Distribution  of 
telecom  equip  firm  to  work  in 
Fairfield,  NJ.  Must  have  Bach 
degree  &  2  yrs  exp.  using 
Oracle,  Coldfusion  &  JavaScript. 
Respond  to:  Automatic  Systems 
Design  Corp.,  1 1  Stewart  Place. 
Fairfield,  NJ  07004. 


Network  Engineer  wanted  in 
Miami,  FL.  Req.  Bachelor  in 
Computer  Science  or  equivalent, 
plus  2  yrs  exp.  Will  manage 
Novell  Netware  3.12,  Windows 
NT  4,  IIS  4,  TCP/IP,  and  Elite. 
Will  monitor  system,  equipment 
and  provide  user  support.  Fax 
resume  attention:  Ms.  Mark  305/ 
267-5155 


Software  Engineer  wanted  w/BS 
&  2  yrs.  exp.  in  New  Jersey.  Send 
resume  to:  HR  Dept.,  Scicom 
Americas,  Inc.,  1500  S.  Dairy 
Ashford,  Ste.  241 ,  Houston,  TX 
77077. 


Programmer/Analyst  to  design, 
develop,  test,  &  implement  web- 
based  &  client/server  applica¬ 
tions  using  ASP,  ADO,  VB,  SQL 
Server,  XML,  XSL,  HTML,  & 
DHTML.  Reqd:  B.S.C.S.  &  2 
yrs  exp.  40  hrs/wk,  9am-5pm. 
Freq.  relocation  within  U.S.  may 
be  necessary.  Send  resume 
to  J.  Brigham,  HR  #13107, 
TekSystems,  6992  Columbia 
Gateway  Drive,  Columbia,  MD 
21046. 


Programmer/Analyst 
Design,  develop,  test,  &  implement 
computer  software  for  busn  apps 
using  following  skills:  C/C++, 
Java,  COBOL,  PL/  SQL  on  Unix, 
WIN,  &  IBM  platforms.  Min:  BS 
(or  equiv)  in  Comp  Sci,  Comp 
Engg,  or  Elec  Engg  &  1  yr  exp. 

Software  Engineer 
Design,  develop,  test,  &  implement 
software  using  Powerbuilder 
V5.0,  Oracle,  Sybase,  Lotus 
Notes,  MS/SQL,  &  Ingres  (for 
data  porting).  Min:  BS  (or  equiv) 
in  Comp  Sci,  Comp  Engg  or 
Elec  Engg  &  3  yrs  exp. 

Resume:  HR  Dept,  Vertex  Soft 
Inc,  2  Lavendar  Dr, 
Princeton,  NJ  08540 


Several  computer  related  posi¬ 
tions  available  for  large  trans¬ 
portation  and  logistics  services 
company.  Degree,  technical  skills 
&  experience  vary  per  positions. 
Send  resume  to  ups  Corporate 
Office  Workforce  Planning, 
Attn:  SD67881 40255,  Glenlake 
Pkwy.,  NE,  Atlanta,  GA  30328. 
Employer  will  not  sponsor  visas 
for  position. 


SAP  Business  Information 
Warehouse  (BW)  company 
seeking  experienced  SAP  BW 
functional/technical  consultants 
familiar  with  generic  and  custom 
extractors,  data  modeling,  info 
sources  and  info  cubes.  Also 
seeking  SEM  and  Supply  Chain 
Management/APO  experience. 
Please  e-mail  resume  to  Busi¬ 
ness  Information  Solutions  at 
recruiting@bisamerica.com  or 
fax  to  (858)  458-5819. 


ENGINEERING  PROGRAMMER 
sought  by  designers  &  integrators 
of  robots  &  special  machinery 
in  Beaumont,  TX.  Must  have 
Master's  in  Comp.  Sc  or  Engi¬ 
neering.  Respond  by  resume 
to  Mr.  Steve  Ingraham,  P/Z#10. 
Sage  Automation,  Inc.  4925 
Fannett  Rd.,  Beaumont,  TX 
77705. 


Systems  Administrator  wanted 
by  Home  Care  agency  in  Aurora, 
IL.  Reqd:  Bachelors  in  Computer 
Science  or  Electronics  or  Com¬ 
munications  Engineering.  Send 
resumes  to:  HR,  Caring  Home 
Care  Services,  Inc.,  1881  Com¬ 
merce  Drive,  Unit  1 07,  Elk  Grove 
Village.  IL  60007.  No  calls 
please. 


Programmer/Analysts  with  a  BS 
&  2  yrs  exp.  wanted  in  Carrollton, 
TX.  Send  resume  to:  HR  Dept., 
SHC  Solutions,  1205  West  Trinity 
Mills  Rd.,  Suite  214,  Carrollton, 
TX  75006. 


A  new  millenium,  a  new  solution.  ITcareers. 

Call  Janis  Crowley  at  1-800-762-2977 
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Ask  us  about  our  benefits. 


Better  yet,  ask  them. 


Fortune  says  we're  one  of  the  companies  they  admire  most. 
ComputerWorld  calls  us  one  of  the  best  places  to  work. 
SmartMoney:  The  Wall  Street  Journal  Magazine  of  Personal 
Business  placed  us  in  the  top  ten  401  (k)  plans  in  America. 

From  Working  Woman  to  Institutional  Investor  to 
Business  Ethics,  the  magazines  that  talk  employment 
speak  highly  of  Freddie  Mac. 

The  reason?  We’re  an  investor-owned  Fortune  500® 
company  with  an  important  public  mission:  to  lower  the  cost 
of  home  mortgages  so  more  families  can  own  homes. 

So  we  created  an  environment  that  encourages 
inclusion,  values  different  opinions  and  rewards  innovation. 
And  filled  it  with  a  diverse  group  of  people  who  are  smart, 
creative  and  energetic. 

And  the  good  news  is,  you  can  join  them.  Go  to 

freddiemac.com  to  see  how  you  can  benefit  from  working 

with  one  of  America’s  most  highly  regarded  ^ m 

employers.  We’d  be  honored  if  you  did.  Freddie 

Mac 


We  Open  Doors ® 


www.freddiemac.com 


©2001  Freddie  Mac 


ff-lAl^miBI  IT  CAREERS 


's  Most  Wanted  Applicants. 


FEDERAL  BUREAU  OF  INVESTIGATION 


Since  the  events  of  September  1 1th.  the  FBI  has  identified  additional  skills  needed  to  address  terrorism  and  homeland  security.  When  you  join  the  FBI. 
you  join  an  organization  that  plays  a  central  role  in  ensuring  the  safety  of  our  nation.  Take  a  closer  look  at  a  career  with  the  FBI. 


You  must  be  a  U.S.  citizen  and  consent  to  a  complete  background  investigation,  drug  test,  and  polygraph  as  a  prerequisite  for  employment. 
Only  those  candidates  determined  to  be  best  qualified  will  be  contacted  to  proceed  in  the  selection  process.  The  FBI  is  an  equal  opportunity  employer. 


To  qualify  for  the  FBI  Special  Agent  position,  you  must  possess  a  four-year  college 
degree,  be  available  for  assignment  anywhere  in  the  Bureau’s  jurisdiction,  be 
between  the  ages  of  23  and  36,  and  be  in  excellent  physical  condition. 

Special  Agents  come  from  a  broad  range  of  educational  disciplines  and 
professions,  however,  the  FBI  has  special  needs  for  candidates  with  critical  skills 
among  the  following  areas:  Computer  Science  or  IT,  Engineering,  Law 
Enforcement,  Foreign  Counterintelligence,  Military  Intelligence,  Physical  Sciences, 
and  Foreign  Language  (Arabic,  Chinese,  Farsi,  Flebrew,  FUndi,  Japanese,  Korean, 
Punjabi,  Russian,  Spanish,  Urdu,  and  Vietnamese). 


Please  visit  our  website  for  complete  Professional  Support  and  FBI  Special  Agent  qualifications/details. 

You  may  apply  on-line  at:  WWW.fbijobs.COm 


Whatever  your  background  or  expertise... 


•  Computer  Science  •  Engineering 
•  Information  Technology 


...you  can  apply  your  skills  in  a  Support  position  with  the  FBI.  Visit  our 
website  at  www.fbijobs.com  to  determine  which 
position  best  suits  your  skills.  Positions  added  daily. 


SPECIAL  AGENT  POSITIONS 


PROFESSIONAL  SUPPORT  POSITIONS 


The  tech  game  has  changed. 
How  you  Win,  hasn’t. 


The  tech  game  can  change  all  it 
wants,  to,  but  savvy  technology 
professionals  still  know  how  to  win 
with  Dice..  Show  change  who’s  the 
boss.  Visit  Dice. com  today. 


What  does  vision  mean  to  you?  Seeing  today  what  is  possible  for 
tomorrow?  Knowing  what  needs  to  be  done  to  make  it  a  reality? 

We  are  the  new  Aetna,  and  we  are  working  to  create  a  new  future  for 
our  customers,  and  for  ourselves.  We  are  taking  bold  steps  to  chart  a 
new  direction.  And  to  do  all  we  can  to  turn  our  promises  into  practices. 
To  succeed,  we  need  leaders  who  understand  that  believing  is  seeing. 
Strong,  courageous  IT  leaders  who  are  driven  to  make  a  difference.  We 
need  IT  leaders  in  the  following  professions:  Data  Modeling;  Applications; 
Quality  Assurance;  Networking  Engineering  and  e-Business.  Send  your 
resume  to  staffing@aetnacareers.com.  Be  sure  to  include  /COM2  in 
your  e-mail  subject  line.  EOE.  aetna.com. 

X  Aetna; 


Trusted  by 
more 
hiring 
managers 
than  any 
IT  space 
in  the 
world. 
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IT  CAREERS 


Sure 

NetworkWorld, 
Computerworld, 
and  InfoWorld 
Help  You  Do 
A  Better  Job. 


Now  Let  Us  Help 
You  Get  One. 


Call: 

1-800-762-2977 


© 


careers.com 


am 
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STATE  FARM 


INSURANCE 


We're  a  diverse  group. 


P  Get  there  with  State  Farm. 

At  State  Farm  we're  proud  to  celebrate  diversity. 
In  our  workforce  as  well  as  our  job  opportunities. 
The  different  outlooks  our  people  offer,  along 
with  their  various  experiences,  help  make 
our  company  successful.  That's  why,  from 
banking  to  underwriting,  every  individual's 
contributions  are  highly  valued. 


Where  you  can 
V  be  an  individual 


For  more  information,  visit  statefarm.com ® 
or  email  jobopps.corpsouth@statefarm.com 


NW020506N3 
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www.nwfusion.com 

B  Sales  Offices 

Carol  Lasker,  Associate  Publisher/ Vice  President 
Jane  Weissman,  Sales  Operations  Coordinator 
Internet:  clasker.jweissman@nww.com 
(508)  460-3333/FAX:  (508)  460-1237  _ 


New  York/New  Jersey 

Torn  Davis.  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rocco.  Regional  Sales  Manager 
Aimee  Jacobs.  Sales  Associate 
Internet:  tdavis.  elisas,  ajacobs@nww.com 
(201)  587  0090/FAX:  (201)  712-9786 


Northeast 

Donna  Pomponi,  Regional  Sales  Manager 
Kathryn  Zinn.  District  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dpomponi.  kzinn,  chorgan@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 


Mid-Atlantic 

Jacqui  DiBianca.  Regional  Sales  Manager 
Marta  Hagan,  Sales  Assistant 
Internet:  jdibian,  mhagan@nww.com 
(610)  971-1530/FAX:  (610)  975-0837 


Midwest/Maryland 

*  Eric  Danetz,  Senior  District  Manager 
Aimee  Jacobs,  Sales  Associate 
Internet:  edanetz.  ajacobs@nww.com 
(201)  587-0090/FAX:  (201)  712-9786 


Central 

Dan  Gentile,  Midwest  Regional  Director 
Grade  Vela,  Sales  Assistant 
Internet:  dgentile.  gvela@nww.com 
(512)  249-2200/FAX:  (512)  249-2202 


Northern  California 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 
Miles  Dennison,  Regional  Sales  Manager 
Sean  Weglage,  Senior  District  Manager 
Teri  Whitehair,  Office  Manager/Exec.  Asst. 

Anna  Aquino,  Sales  Assistant 

Internet:  skupiec,  mdennison,  sweglage,  twhitehair, 

aaquino@nww.com 

(650)  577-2700/FAX:  (650)  341-6183 

Northwest/Rockies 

Karen  Wilde,  Regional  Sales  Manager 

Lara  Greenberg,  Regional  Sales  Manager 

Kim  Gaffrey,  District  Manager 

Internet:  kwilde,  Igreenberg,  kgaffrey@nww.com 

(650)  577-2700/FAX:  (650)  341-6183 _ _ 

Southwest 

Becky  Bogart  Randell,  District  Manager 
Angela  Norton,  Sales  Assistant 
Internet:  branded,  anorton@nww.com 
(949)  250-3006/FAX:  (949)  833-2857 

Southeast 

Don  Seay,  Regional  Sales  Manager 
Caitlin  Horgan,  Sales  Assistant 
Internet:  dseay,  chorgan@nww.com 
(404)  845-2886/FAX:  (404)  250-1646 

Custom  Publishing 

Shaun  Budka,  Custom  Media  Solutions  Manager 
Internet:  sbudka@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 


Fusion 

Alonna  Doucette,  Vice  President  Online  Development 
James  Kalbach,  Director,  of  Online  Sales 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 
Kristin  Baker,  Sales  Operations  Manager 
Internet:  adoucette,  jkalbach,  sgutierrez,  dlovell, 
kbaker@nww.com 
(610)  341-6025/FAX:  (610)  971-0557 


MARKETPLACE 

Response  Card  Decks/MarketPlace 


Richard  Black,  Director  of  Marketplace 
Karima  Zannotti,  Senior  Account  Manager 
Enku  Gubaie,  Senior  Account  Manager 
Amie  Gaston.  Account  Manager 
Sharon  Stearns,  Sr.  Media  Dev.  &  Operations  Mgr. 
Chris  Gibney,  Sales  Operations  Coordinator 
Internet:  rblack,  kzannott,  egubaie,  cpeters, 
agaston,  sstearns,  cgibney@nww.com 
(508)  460-3333/FAX:  (508)  460-1192 


IT  CAREERS 

VP/General  Manager,  Janis  Crowley,  East  Regional  Manager, 
Deanne  Holzer,  Midwest  Regional  Manager,  Laura  Wilkinson, 
West  Regional  Manager.  Patricia  Sheppard,  Marketing 
Director,  Kelli  Flanagan,  Operations  Director,  Donna  Kent, 
Advertising  Coordinator,  Leitani  Lopez,  Marketing  Specialist, 
Heidi Tanakatsubo.  Sales  Support. Tina  Silveira,  Sales 
Support,  Nikki  Wilson  (800)  762-2977/FAX:  (650)  286-2770 


■  Network  World.  Inc. 

118Turnpike  Road,  Southborough,  MA  01772 
Phone:  (508)  460-3333 

TO  SEND  E-MAIL  TO  NWW  STAFF 

firstname_lastname@nww.com 

EvileeThibeault,  CEO/Publisher 

John  Gallant,  President/Editorial  Director 

Eleni  Brisbois,  Administrative  Planning  Manager 

FINANCE 

Mary  Fanning,  Vice  President  Finance 
Paul  Mercer,  Finance  Manager 
Mary  Kaye  Newton,  Billing/AP  Coordinator 
HUMAN  RESOURCES/BUSINESS  SERVICES 
Monica  Brunaccini.V.  P.  H.R./Business  Services 
Elizabeth  Price,  Director  of  Human  Resources 
Eric  Cormier,  Human  Resources  Representative 
Frank  Coelho,  Senior  Manager,  Business  Services 
LisaThompson,  Business  Services  Administrator 
Mark  Anderson,  Business  Services  Supervisor 
Kevin  McMillen,  Business  Services  Coordinator 
MARKETING 

TerryAnn  Croci,  Director  of  Marketing 

Barbara  Sullivan,  Senior  Research  Analyst 

Johanna  Lombardi,  Marketing  Communications  Manager 

Donna  Kirkey,  Senior  Design  Manager 

Judy  Schultz,  Senior  Graphic  Designer 

Cindy  Panzera,  Graphic  Designer 

Nancy  Petkunas,  Marketing  Specialist 

GLOBAL  PRODUCT  SUPPORT  CENTER 

Nancy  Parquette,  Corporate  Programs  and  Events 

Manager 

ADVERTISING  OPERATIONS 

Karen  Wallace,  Senior  Director  of  Advertising  Operations 
Maro  Eremyan,  Advertising  Coordinator 
Veronica Trotto,  Advertising  Coordinator 
Cara  Peters,  Direct  Response  Ad  Coordinator 

PRODUCTION 

Ann  Finn,  Senior  Production  Director 
Greg  Morgan,  Senior  Production  Manager 
Mike  Guerin,  Senior  Print  Buying  Supervisor 
JamiThompson,  AdTraffic  Coordinator 

CIRCULATION 

Richard  Priante,  Senior  Director  of  Circulation 
Darcy  Beach,  Circulation  Operations  Manager 
Bobbie  Cruse,  Subscriptions  Manager 
Mary  Mclntire,  Senior  Marketing  Specialist 

RESEARCH 

Ann  MacKay,  Research  Director 

DISTRIBUTION 

Bob  Wescott,  Distribution  Manager/(508)  879-0700 

IDG  LIST  RENTAL  SERVICES 

Paul  Capone,  Account  Executive 

P.O.  Box  9151,  Framingham,  MA  01701-9151 

(800)  343-6474/(508)  370-0825,  FAX:(508)  370-0020 

SEMINARS  AND  EVENTS 

Robin  Azar,  Vice  President  of  Events 

Michele  Zarella,  Director,  Events  Business  Development 

Sandra  Gittlen,  Events  Editor 

Betty  Amaro-White,  Event  Finance  Manager 
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This  new  webcast  is 
ready  whenever  you  are. 

Tune  in  today  to  hear  a  discussion  on  valuable  Customer  Premise-based  (CPE-based)  IP  services  that  are  important 
to  enterprises  as  they  try  to  maintain  or  build  their  competitive  differentiation. 

Lucent  Technologies  invites  you  to  watch  this  webcast,  produced  by  ITworld.com  and  Network  World,  and 
co-sponsored  by  Landis  ICT  Group  and  Solunet,  Inc.  The  webcast  features  Brian  Schulz.  Vice  President  of  Product 
Planning  and  Management  for  Access  Point®  IP  Services  Routers,  Lucent  Technologies  and  Jon  Cordova,  Directing 
Analyst,  WAN,  Internet,  and  New  Metro  Access,  Infonetics  Research.  Mr.  Schulz  and  Mr.  Cordova  will  address  the 
opportunities  available  for  enterprises  to  implement  powerful  new  IP  services  solutions,  affordably  and  easily. 
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That  secure  feeling 


A  recent  survey  of  500  Network  World  readers  asked  how  likely  they  were  to  purchase 
four  major  types  of  security  software  within  the  next  two  years.  Here’s  what  they  said: 
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Security 

continued  from  page  1 

security-processing  gear  that  bun¬ 
dles  firewall,  VPN,  viais  scanning 
and  other  security  functions. The 
platform  is  based  on  FortiNet 
security  chips  called  FortiASIC, 
which  scan  for  virus  signatures, 
accelerate  cryptography  process 
packets  for  firewall  filtering  and 
manage  approved  traffic  flows. 

FortiGate  can  screen  content  by 
blocking  all  traffic  from  specified 
URLs  and  traffic  from  sites  that 
are  not  banned  but  nevertheless 
contain  banned  content,  the 
company  says. 

A  FortiGate  box  performs  virus 
scanning  at  Agile  Networks’ head¬ 
quarters  in  San  Jose  and  support¬ 
ing  VPN  connections  to  remote 
users,  says  Francis  Leong,  systems 
administrator  for  the  software 
company.  He  had  been  using 
SonicWall  gear,  but  wanted  to  get 
rid  of  license  fees.  He  continues 
to  use  SonicWall  appliances  at 
remote  sites  for  VPN  links 
because  they  are  already  in  place 
and  interoperate  with  Fortinet’s 
equipment. 

The  FortiGate  products,  FG50, 
FG100,  FG200,  FG300,  FG  400  and 
FG2000,  range  in  price  from  about 
$700  to  $40,000  and  are  available 
now  for  use  in  small-office  to  ISP 
data  centers. 

To  the  world  of  SSL  remote 
access,  Rainbow  is  introducing 
NetSwift  iGate,  a  secure  Web- 
access  device.  NetSwift  iGate  sits 
behind  a  corporate  firewall  and 
establishes  SSL  sessions  over  the 


Internet  with  remote  users,  au¬ 
thenticates  them  and  sets  up 
communication  between  remote 
machines  and  Web-enabled  ap¬ 
plications  on  servers  that  are  pro¬ 
tected  by  the  firewall.  Rainbow 
also  makes  authentication  hard¬ 
ware  tokens  that  it  packages  with 
iGate  so  users  can  practice  what’s 
known  as  “two-factor  authentica¬ 
tion”  rather  than  supplying  just  a 
username  and  password  to 
access  protected  resources. 

NetSwift  iGate  costs  $10,000  for 
50  users  and  $90,000  for  3,000 
users.lt  is  scheduled  to  ship  at  the 
end  of  next  month. 

One  of  iGate’s  competitors, 
Neoteris,  is  introducing  a  smaller- 
capacity  version  of  its  Employee 
Access  proxy  box.  Employee 
Access  150  is  meant  for  100  to  150 
users  as  opposed  to  the  original, 
which  supports  l,000.The  smaller 
capacity  comes  with  a  lower 
price  —  $10,000  vs.  $15,000  for 
the  larger  version  —  so  it  is  more 
affordable  for  smaller  businesses, 
the  company  says.  Neoteris  also  is 
introducing  support  for  au¬ 
thenticating  users  via  external 
Lightweight  Directory  Access 
Protocol  directories. 

Meanwhile,  VeriSign  will  tout  a 
new  slew  of  managed  security 
services  for  intrusion  detection, 
VPNs  and  firewall  monitoring  to 
be  provided  through  two  opera¬ 
tions  centers,  including  its 
Herndon,  Va.,  facility  where  until 
now  it  only  provided  digital  cer¬ 
tificate  and  Domain  Name  ser¬ 
vices.  A  second  VeriSign  opera¬ 
tions  site  will  be  at  Downers 


Purchase  in  next  12  months 

Grove,  Ill.,  the  location  of  the  man¬ 
aged  security  services  provider 
(MSSP)  Telenesus  it  acquired  last 
year. 

According  to  Bob  McCullen, 
senior  director  for  VeriSign  man¬ 
aged  security  services,  the  range 
of  equipment  that  VeriSign  will 
remotely  monitor  on  the  cus¬ 
tomer’s  behalf  includes  the  Cisco, 
Internet  Security  Systems  and 
Enterasys  Networks  intrusion- 
detection  systems  (IDS),  the 
Nokia  and  Check  Point  Software 
firewall/VPNs,  and  managed 
authentication  services  based  on 
ActivCard  hardware  tokens.  The 
company  also  will  undertake 
managed  virus  scanning  and 
content  inspection. 

The  fees  will  range  from  about 
$2,000  to  $2,200  per  month  for 
IDS  management, while  managed 
authentication  would  range  from 
$3.50  to  $12  per  user,  per  month. 
Managed  firewall  service  would 
cost  between  $1,000  and  $2,500 
per  month.  All  the  services 


include  help  desk,  reporting  and 
event  correlation,  McCullen  says. 

Of  critical  importance,  VeriSign 
will  rely  on  another  MSSR 
Counterpane,  to  help  collect  data 
from  the  customers  site  and  ana¬ 
lyze  it  using  Counterpane’s  Sentry 
monitoring  equipment.  VeriSign 
will  send  customer  data  collect¬ 
ed  by  Sentry  to  Counterpane’s 
security  operations  centers, 
where  Counterpane’s  Socrates 
analysis  engine  will  analyze  it  to 
assess  security  threats. 

One  Teleneus  customer,  Na¬ 
tional  Tech  Team,  a  help-desk  out¬ 
sourcing  firm  with  $100  million  in 
annual  revenues  and  1,300  em¬ 
ployees,  says  it  was  unaware  of 
this  arrangement,  but  expected  to 
transition  to  being  a  regular  Veri¬ 
Sign  customer. 

“We  need  this  type  of  service,” 
says  Maj  Homa  youn  fal,  National 
Tech  Team’s  vice  president  of 
technology.  “After  Sept.  1 1 ,  we 
wanted  to  be  able  to  monitor  day 
and  night  using  IDS,  and  Teleneus 
had  the  know-how.  And  it’s  cost- 
effective.” 

Intrusion  detection  at  N+l 

For  those  interested  in  pro¬ 
tecting  their  network  devices 
from  attack,  Tripwire  will  have 
on  exhibit  Tripwire  for  Network 
Devices  2.0,  the  product  evolu¬ 
tion  of  what  was  formerly 
Tripwire  for  Routers  and 
Switches.  Introduced  last  fall, 
the  server-based  software  for 
Solaris  or  Windows  is  used  to 
lock  down  remotely  made 
changes  to  Cisco  IOS-based 
routers  and  switches.  The 
Tripwire  software  also  can 
restore  files  automatically  if 
they  are  tampered  with  or 
destroyed  in  events  such  as 
power  outages. 

Tripwire  for  Network  Devices 
2.0,  which  costs  $249  per  node, 
extends  data-integrity  protection 
to  Cisco’s  Catalyst  switch,  the 
Cisco  PIX  firewall  and  other  ven¬ 
dor  equipment,  including  the 
Hewlett-Packard  ProCurve 
Switch  and  Foundry  Networks 


and  Extreme  Networks  gear. 

Tripwire  also  makes  a  product 
for  server-data  integrity,  and  Trip¬ 
wire  is  showcasing  Tripwire  for 
Servers  3.0,  which  adds  a  way  to 
report  to  the  Check  Point  man¬ 
agement  console  and  the 
Tripwire  for  Manager  3.0  console, 
which  costs  around  $7,000. 

Also  new  is  a  separate  Tripwire 
for  the  Check  Point  firewall  so 
managers  can  be  informed  of 
changes  to  the  Check  Point  fire¬ 
wall,  both  authorized  and  unau¬ 
thorized.  Costing  about  $700,  it 
will  detect  and  report  changes 
but  not  restore  data. 

Trapping  hackers 

Also  at  N+I,  IDS  vendor  Re¬ 
course  Technologies  will  unveil 
the  third  version  of  its  ManTrap 
honeypot,  a  decoy  computer 
used  to  spot  hackers.  ManTrap  3.0 
adds  a  way  to  do  “live-session 
playback”  that  can  show  an  attack 
taking  place  graphically  on  the 
ManTrap  console  as  it’s  occurring 
in  near  real  time. ManTrap  starts  at 
$7,500. 

In  addition,  says  Fred  Kost, 
senior  vice  'president  of  market¬ 
ing,  Recourse  will  showcase 
ManHunt  2.1,  which  will  be  able 
to  inspect  traffic  at  2G  bit/sec, 
doubling  the  previous  speed.  Kost 
says  a  lot  of  the  advance  is  possi¬ 
ble  because  Intel  processors  are 
improving  to  help  with  process¬ 
ing  power.  ManHunt  2.1,  which 
costs  $25,000,  also  will  be  able  to 
use  SQL  to  export  data  into 
reporting  packages. 

Recourse  which  today  will 
announce  $1 1  million  in  funding 
from  Mesirow  Financial,  now  has 
about  120  customers.  Some  cus¬ 
tomers  say  they  also  use  ManTrap 
to  look  inside  the  corporate 
intranet  for  suspicious  activity. 

“It  can  help  in  spotting  some¬ 
one  trying  to  hack  into  your 
wireless  LAN,"  says  Jeff  Uslan, 
director  of  information  protec¬ 
tion  and  security  at  Sony 
Pictures  Entertainment.  “Some¬ 
one  can  be  in  a  parking  lot  try¬ 
ing  to  do  this."B 


Network  Associates,  ISS 
to  gang  up  on  net  intruders 


■  BY  ELLEN  MESSMER 

Network  Associates  and  Internet  Security 
Systems  last  week  announced  an  alliance  under 
which  they  will  use  each  other’s  technologies  and 
marketing  power  —  an  effort  spurred  by  a  rise  in 
network  security  incidents  known  as  “blended 
threats.” 

Under  the  three-year  agreement  outlined  by 
Network  Associates  President  George  Samenuk 
and  ISS  Chairman,  President  and  CEO  Tom 
Noonan,  ISS  will  share  its  intrusion-detection 
technology,  while  Network  Associates  shares  its 
virus-protection  capabilities. 

The  security  firms  also  each  have  a  rapid- 
i espouse  team  —  ISS  has  X-Force,  Network 
•'•osuc iates  has  the  Avert  Labs  —  to  address  secu- 
rity  threats  as  they  arise,  and  these  teams  are 
expci.  ted  to  begin  sharing  analysis. The  alliance, 
intended  to  give  each  company  access  to  tech¬ 
nology  it  lacks,  also  promises  a  slew  of  new  prod¬ 


ucts  that  may  be  co-marketed. 

Noonan  said  that  some  of  the  worst  security 
incidents  in  the  last  year  have  been  triggered  by 
blended  threats,  attacks  that  have  downed  computer 
systems  and  networks  by  combining  virus  infection, 
Trojan  horses  and  automated  hacking  attacks  to 
exploit  vulnerabilities.  These  threats  —  such  as  the 
Nimda  and  Code  Red  worms  —  spurred  the  com¬ 
panies  to  begin  a  dialog. 

The  only  other  security  firm  with  the  same 
breadth  of  products  as  ISS  and  Network 
Associates  combined  is  Symantec, a  rival  not  men¬ 
tioned  by  the  two  executives,  but  certainly  a  fierce 
competitor  to  both  companies. 

By  the  first  quarter  of  2003,  Network  Associates 
will  ship  a  new  network  intrusion-detection  sys¬ 
tem  built  on  Network  Associates’ Sniffer  platform 
and  using  ISS  technology,  Samenuk  says.  In  previ¬ 
ous  years,  Network  Associates  tried  but  failed  to 
make  much  of  a  dent  in  the  IDS  market  and 
withdrew  from  this  market  about  a  year  ago.  ■ 
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Where  technology  leaders 
answer  to  you. 


With  the  explosive  growth  of  online  information  and  transactions,  every  organization  is  faced  with  a  flood  of  data  and  a  deluge 
of  questions.  How  do  you  meet  the  increased  demand  for  access  to  information  in  a  world  of  shrinking  budgets?  What's  the  best 
way  to  squeeze  more  efficiency  out  of  your  existing  systems?  Which  storage  management  and  business  continuity  tools  are  criti¬ 
cal  to  success?  Attend  this  FREE  event  and  get  answers  to  questions  like  these. 


In  one  day,  learn: 

o  How  to  create  a  strong  disaster  recovery  plan 

o  The  best  strategies  for  keeping  your  business  running 
non-stop 

o  The  next  big  ideas  in  storage  resource  management 
o  Which  emerging  standards  will  stand  the  test  of  time 

o  The  latest  options  in  IP,  Gigabit  Ethernet  and  Fibre 
Channel  infrastructure 


.. 


Sign  up  today  and  find  out  how  to  weather  any  storm! 
REGISTER  ONLINE  www.networkworld.com/events/storage 
OR  CALL  1.800.643.4668 


This  event  is  intended  for  IT  professionals  currently  involved  in  the  evaluation  and  purchase  of  storage  products  and : 
Seating  is  limited  for  non-IT  professionals.  Network  World  reserves  the  right  to  determine  total  audience  profile. 


To  participate  as  an  event  sponsor,  or  if  you  are  interested  in  on-site  training  for  your  company,  contact  Andrea  D'Amato  at  508-490-6520  or  adamato@nww.com 
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Network  bits  and  pieces 


Everything  from  new  switches  to  IP  phones  will  be  rolled  out  at  N+l.  Here’s  a  sampling: 


HP’s  ProCurve  5300x1 

•  76.8G  bit/sec  of  switching  capacity. 

•  Supports  Layer  2  to  4  switching  and  QoS. 

•  Compatible  with  Cisco  EtherChannel  and  CDP. 


Mitel’s  5230  phone  with  PDA  cradle 

•  Connects  PDA  to  network. 

•  PDA  screen  acts  as  phone  display. 

•  Recharges  PDA. 


Redline  Networks’  T/X  2000  series 

•  TheT /X  2250  is  designed  for  server  farms 
with  a  high  percentage  of  SSL  traffic. 

•  Supports  up  to  50,000  simultaneous 
connections. 

•  Can  handle  800  SSL  transactions  per 
second. 


Switches 

continued  from  page  1 

getting  some  of  the  credibility 
back  they  lost  with  big  enter¬ 
prise  shops,” says  Ray  Mota,chief 
research  officer  with  Synergy 
Research.  While  observers  say 
3Com  alienated  itself  from 
some  enterprise  users  by  end¬ 
ing  its  CoreBuilder  line  of  chas¬ 
sis-based  switches,  Mota  thinks 
3Com’s  building-block  ap¬ 
proach  could  appeal  to  compa¬ 
nies  that  want  to  deploy  a  net¬ 
work  core  gradually  instead  of 
investing  in  a  large  chassis- 
based  switch.  Having  10G  Ether¬ 
net  technology  also  will  let 
3Com  compete  with  companies 
that  already  have  announced 
10G  equipment,  Mota  adds. 

3Com  rival  HP  will  debut  two 
modular  switch  models  intend¬ 
ed  to  let  companies  upgrade  to 
Layer  3  switching  in  a  backbone 
or  wiring  closet,  while  keeping 
costs  down.  The  ProCurve 
5300x1  series  of  switches  come 


in  four-  and  eight-slot  chassis, 
and  both  provide  76. 8G  bit/sec 
and  48  million  packet/sec  of 
traffic  throughput. The  switches 
can  be  fitted  with  24-port 
10/100M  bit/sec  modules,  cop¬ 
per-based  Gigabit  blades  or 
multi-  or  single-mode  fiber 
Gigabit  Interface  Converter 


blades. 

The  5300x1  backbone  device 
can  switch  traffic  on  all  ports  at 
Layers  2  to  4.  It  also  supports 
multilayer  quality-of-service 
(QoS)  technologies  such  as 
802. Ip  packet  prioritization, 
Layer  3  type  of  service  and 
Differentiated  Services  TCP/User 


Datagram  Protocol  (UDP)  source 
and  destination  address  prioriti¬ 
zation  for  ensuring  latency-sensi¬ 
tive  IP  traffic  such  as  voice  or 
video  is  delivered  properly 

The  5300xl’s  multilayer  capa¬ 
bilities  appeal  to  Jim  Pfaff,a  net¬ 
work  consultant  with  network 
testing  equipment  maker  Ag¬ 
ilent  Technologies’  IT  Network 
and  Communications  Services, 
who  oversees  a  net  of  4,700  HP 
switches.  Pfaff  says  for  the  most 
part  he  uses  Layer  2  HP  switch¬ 
es,  but  is  considering  the  5300x1 
for  upgrading  the  backbone  to 
Layer  3. 

The  ProCurve  4108gl  switch  is 
an  eight-slot  chassis  with  36. 6G 
bit/sec  of  capacity,  and  includes 
the  same  Layer  2  to  4  switching, 
load  balancing,  QoS  and  Cisco- 
compatible  features  as  the  5300 
series. The  ProCurve  5300x1  and 
4 1 08gl  are  available  now  for 
$3,000  and  $2,200,  respectively. 
The  switches  will  compete  with 
products  such  as  Cisco’s 
Catalyst  4000  series  and  3Com’s 
Switch  4007  and  4005  products. 

Separately,  Foundry  will 
release  IronView  Network  Man¬ 
ager  (INM)  1.5  for  helping  cor¬ 
porate  IT  staffs  control  network 
security  and  traffic  utilization 
on  Foundry-based  networks. 
INM  is  used  to  tap  into  built-in 
network  management  and 
monitoring  capabilities  in  Foun¬ 
dry’s  JetCore  ASIC  chips  in¬ 
stalled  on  Foundry’s  newer  Big- 
Iron,  Fastlron  and  Netlron 
switches  and  routers.  Foundry 
says  INM  can  eliminate  the 
need  for  Remote  Monitoring 
probes  and  products  by  draw¬ 
ing  the  management  data  from 
the  switches. 

On  the  voice-over-lP  product 
menu  is  Nortel’s  Succession  CSE 
MX,  the  company’s  latest  IP  PBX 
offering, aimed  at  replacing  time 
division  multiplexing  PBX  sys¬ 
tems  or  augmenting  a  PBX  with 


multimedia  applications. 

The  CSE  MX  will  not  be  a 
Nortel-branded  hardware/soft¬ 
ware  product,  like  the  compa¬ 
ny’s  Succession  CSE  1000  or 
Business  Communication  Man¬ 
ager  IP  PBX  products.  The  new 
IP  PBX  will  be  sold  as  software 
running  on  a  Solaris  8-based 
Netra  server.  The  Nortel  CSE  MX 
software  and  Sun  servers  will  be 
sold  through  Nortel  channels. 

The  CSE  MX  software  is  based 
on  Java  and  uses  Session 
Initiation  Protocol  (SIP)  for  call 
control  and  multimedia  appli¬ 
cations  such  as  video,  confer¬ 
encing  and  instant  messaging. 
According  to  the  company,  the 
server  can  scale  from  2,000 
users  on  a  single  server  to 
200,000  on  a  cluster  of  CSE 
servers.  By  contrast,  Nortel’s  CSE 
1000  IP  PBX,  introduced  last 
year,  could  support  600  users. 

The  CSE  MX  will  support  Nor¬ 
tel’s  i2004  IP  phone,  or  other  SIP- 
based  IP  handsets.  Nortel’s  IP 
PBX  will  compete  with  Avaya’s 
S8700  Media  Server,  Cisco’s 
AW1D  Media  Convergence  Se¬ 
rver,  Alcatel’s  OmniPCX  4400  and 
Siemens’  HiPath  5000.  The  CSE 
MX  will  be  available  in  August  for 
$600  to  $900  per  user,  including 
phone  costs. 

Also  at  the  show,  Alcatel 
announced  it  is  adding  IP  Sec¬ 
urity  VPN  capabilities  to  its 
OmniAccess  512  multifunction 
branch-office  LAN  switchAVAN 
router,  letting  the  device  double 
as  a  VPN  box.The  company  says 
the  device  can  perform  2M 
bit/sec  of  Triple-DES  encryption 
and  support  10  VPN  tunnels.  To 
upgrade  a  current  OA512  re¬ 
quires  a  daughter  card  that 
costs  $700  and  a  software 
upgrade  that  costs  $500.  A  new 
OA512  with  VPN  capabilities 
starts  at  $4,285  and  is  scheduled 
to  be  available  at  the  end  of  this 
month.  ■ 


Vendors  to  speed, 
secure  Web  apps 

Web  acceleration  vendors  will  also  take 
center  stage  at  NetWorld+Interop  2002 
Las  Vegas  to  show  off  the  latest  prod¬ 
ucts  designed  to  speed  up  customer  Web 
applications  while  reducing  management 
headaches  for  network  executives. 

NetScaler  and  Redline  Networks  will  demon¬ 
strate  devices  that  integrate  security  into  traffic 
management  and  Web  acceleration  appliances. 
F5  Networks  will  take  the  wraps  off  traffic  man¬ 
agement  software  designed  to  handle  the  load 
among  server  blades  within  a  chassis. 

Analysts  say  F5,  which  competes  with  ven¬ 
dors  such  as  Nortel  and  Cisco  with  its  Internet 
traffic-management  products,  is  one  of  the  first 
to  offer  a  traffic  management  product  designed 
specifically  for  blade  servers. 

The  BIG-IP  Blade  Controller  is  software  that 
is  loaded  on  a  blade,  or  two  blades  for  high 
availability,  and  intelligently  directs  IP  traffic  to 
the  best  blade  or  application  within  the  partic¬ 
ular  chassis. 

The  BIG-IP  Blade  Controller  for  Compaq, 
Hewlett-Packard  and  RLX  Technologies  blade 
servers  is  scheduled  to  be  available  later  this 
month  and  priced  between  $3,500  for  a  single 
CPU  and  $5,000  for  dual  CPUs,  and  $400  per 
managed  blade  server.  Compaq,  Dell,  Fujitsu, 
HP  and  RLX  plan  to  ship  blade  server  pred¬ 
icts  running  BIG-IP  Blade  Controller  this  year. 
For  its  part,  NetScaler  is  tackling  secure 
application  delivery  with  the  Request  Switch 
9000  .ON  series,  which  adds  Secure  Sockets 
La,-  r  (SSl)  acceleration,  compression  and 
ether  features  to  its  flagship  family. 

Because  tne  AjOO  iON-series  switches,  which 


will  sit  in  front  of  Web  servers,  off-load  TCP  pro¬ 
cessing  from  the  servers  and  maintain  persis¬ 
tent  connections  with  Web  browsers  and  serv¬ 
ers,  they  can  scan  requests  coming  in  for  secu¬ 
rity  vulnerabilities.  They  also  can  compress 
secure  data,  reducing  bandwidth  demands. 

Online  catalog  retailer  Brylane  e-commerce 
has  used  NetScaler  request  switches  since  last 
fall.  Alex  Betancur,  CTO  at  Brylane,  says  the 
switches  have  not  only  increased  site  availabili¬ 
ty  and  cut  infrastructure  demands,  but  protect¬ 
ed  the  site  from  a  denial-of-service  attack. 

Betancur  says  Brylane  is  looking  at  using  the 
new  9000  iON  series  switches  because  of  the 
additional  security  and  performance  features. 

"They’re  making  [the  9000  series]  a  utility  box 
that  does  a  lot  more  than  just  manage  traffic," 
he  says.  "As  a  CTO,  I’m  always  looking  for 
something  that’s  going  to  reduce  the  cost  and 
reduce  the  number  of  machines  we  have  to 
maintain." 

The  9000  iON  series  can  support  4,400  SSL 
transactions  per  second  and  is  slated  to  be 
available  next  month.  The  smaller  RS9400  sup¬ 
ports  up  to  400,000  concurrent  connections, 

100M  bit/sec  of  throughput,  8,000  requests  per 
second  and  integrated  SSL.  It  costs  $19,900.  The 
RS9800  handles  up  to  two  million  concurrent 
connections,  2G  bit/sec  of  throughput  and  up  to 
80,000  requests  per  second.  It  starts  at  $60,000. 

Meanwhile,  Redline  will  demonstrate  three 
new  appliances  that  incorporate  SSL  encryp¬ 
tion.  The  appliances  sit  in  front  of  server  clus¬ 
ters  and  are  intended  to  reduce  the  number  of 
TCP  connections  the  servers  have  to  handle. 
The  T/X  2000,  T/X  2200  and  T/X  2500  have  built- 
in  SSL  processing  and  can  handle  between 
100  and  800  SSL  transactions  per  second,  and 
costs  from  $10,000  to  $27,000. 

—  Jennifer  Mears 
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BackSpin 


Mark  Gibbs 


A  Zen  moment  and  a  cheap  thrill 

B 


ack  in  the  good  ol’  days,  say 
1985  (or  10BI  —  Before  the 
Internet),you  had  to  go  to  trade 
shows  to  find  out  what  was  going  on. 
There  simply  weren’t  many  other 
sources  of  market  intelligence. 

Any  of  you  remember  the  first 
NetWorld  put  on  by  Novell  in,  I 
think,  1988  (7BI)  in  Dallas?  It  was  the  best  trade 
show  1  have  ever  been  to.  Everyone  was  enthusias¬ 
tic  and  the  people  manning  the  stands  actually 
knew  something! 

But  things  have  changed. Today  focused  trade 
shows  are  rare  and  usually  very  small,  while  the  big 
shows  are  huge  and  generalized.  But  what  has  really 
changed  is  that  marketing  drives  the  shows. 

Trade  shows  have  become  opportunities  for  image 
building,  and  information  distribution  is  secondary 
Take  the  average  booth  —  you’ll  find  perhaps  two 
experts  in  constant  meetings  while  the  booth  babes 
and  marketing  droids  hand  out  product  fliers,  take 
leads  and  talk  to  each  other. 

Should  you  dispute  the  marketing  focus,  just  con¬ 
sider  what  booths  look  like. Vast  palaces  of  lights  and 
enormous  video  screens  showing  images  that  are 
fabulously  exciting  and  totally  devoid  of  any  rele¬ 
vance  to  the  product  at  hand. 

All  this  is  accompanied  by  dull  and  frequently 
cheesy  demos  and  presentations  delivered  by 


clowns  and  other  entertainers.  It  smacks  of  despera¬ 
tion  for  attention  rather  than  desire  to  engage  the 
market  in  a  meaningful  way 

The  problem  for  vendors  is  obvious:  They  want  to 
talk  to  buyers.  But  as  shows  get  bigger  and  more 
generalized,  finding  real  buyers  becomes  harder.  So 
rather  than  focus  on  communicating  about  prod¬ 
ucts,  they  focus  on  marketing.  It  is  logical  and  cost- 
effective,  but  for  attendees  it  devalues  the  purpose 
of  being  at  a  show. 

Here  on  the  eve  of  NetWorld+Interop,  I  find  myself 
wondering  why  we  go  to  the  big  trade  shows.  And 
then  the  answer  comes  to  me:  It  is  a  combination  of 
habit,  personal  networking  and  occasionally  talking 
to  specific  vendors.  But  usually  it’s  the  freebies  and 
the  parties. 

“Whoa!”  said  a  friend  of  mine.“What  about  those 
moments  when  you  find  a  product  by  accident  or 
have  that  chance  encounter  and  it  clarifies  a 
thought  or  solves  a  problem?" 

Well  what  about  those  moments?  Just  because  you 
got  your  Zen  flash  while  surrounded  by  jugglers  in 
the  middle  of  some  whacko  show  booth  while  suf¬ 
fering  from  a  world-class  hangover  after  going  to  bed 
at  four  in  the  morning  having  lost  a  month’s  pay  at 
blackjack  doesn’t  justify  the  thousands  of  dollars  in 
flights,  hotels  and  meals  and  days  of  travel  and  time 
away  from  your  job. 

Surely  you  can’t  seriously  suggest  that  that  Zen 
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moment  of  insight  couldn’t  have  come  while  you 
were  sitting  on  your  butt  in  your  office? 

“But  there's  also  community  and  education,”  my 
friend  said. “Horse  puckey!”!  replied. 

Community  doesn’t  really  exist  at  the  big  shows. 
Sure, you  collect  a  few  cards,  but  looking  for  new 
contacts  and  establishing  relationships  isn’t  easier  at 
a  big  trade  show;  it  is  harder!  When  you  factor  in  the 
distractions  and  the  hangovers,  it  is  a  miracle  that 
anyone  can  remember  anyone  else. 

As  for  my  friend’s  final  argument  — “You  get  to 
find  out  where  the  industry  is  headed” —  I’d  argue 
that  you  only  get  to  see  the  trends  according  to 
where  the  industry’s  money  is  placing  its  bets;  you 
don’t  get  to  see  what  really  matters.  A  great  example 
of  this  is  the  keynote  speech.  At  one  time,  keynotes 
were  important  and  outlined  the  thinking  driving  the 
industry  Today  (thanks  to  Bill  Gates,  who  bucked  tra¬ 
dition  many  years  ago  at  Comdex),  keynote 
speeches  are  usually  poorly  veiled  product  pitches. 

So  what  is  the  future  of  trade  shows?  Well  the  Web 
is  making  it  easier  to  find  new  vendors  and  tech¬ 
nologies,  and  demos  are  usually  available  so  there’s 
even  less  reason  to  go.  But  1  think  we’ll  be  going  to 
the  big  shows  for  a  long  time  to  come.  After  all, you 
might  get  a  Zen  moment,  and  the  cheap  thrills 
make  it  all  worthwhile.  See  you  at  N+I. 

Show  your  thoughts  to  backspin@gibbs.com. 


uzz  News,  insights,  opinions  and  oddities 


By  Paul  McNamara 


Firing  back  at  Buzz 

Time  for  more  of  your  e-mail: 

An  item  here  that  made  fun  of  a  dunderhead 
who  answered  "yes"  when  asked  for  his  “sex"  on 
a  job  application  —  and  then  threatened  to  sue 
when  he  didn’t  get  the  job  —  elicited  this  counter¬ 
punch: 

“While  putting  that  in  for  an  answer  was  pretty 
stupid  when  you  are  trying  to  impress  someone,  the  fact  that  the  question  was 
ever  asked  is  a  problem,"  Rob  Bynum  writes.  "The  very  fact  that  questions  like 
sex  and  race  are  being  asked  on  applications  suggests  they  are  using  the  infor¬ 
mation  to  make  a  hiring  decision  which  then  lends  itself  (in  this  case)  to  sexual 
discrimination.  Employers  are  asking  for  lawsuits  when  they  ask  such  ques¬ 
tions." 

A  contention  by  this  columnist  that  it's  high  time  to  start  taxing  online  sales  in 
the  same  manner  as  their  brick-and-mortar  brethren  brought  this  retort: 

“When  you  nationalize  the  sales  tax,  what  would  you  do  about  states  like 
Oregon  that  have  none  right  now  (and  which  have  refused  attempts  to  impose 
one)?"  George  Hadley  asks.  "Would  stores  in  Oregon  have  to  raise  their  prices  to 
cover  sales  taxes  on  items  shipped  to  Washington  as  well  as  cover  the  costs  of 
their  employees  who  have  to  pay  the  state  income  tax?” 

Another  reader  from  another  notoriously  antitax  state  agrees: 

Internet  taxes  would  kill  [online]  sales  here  in  New  Hampshire,”  Phil  Daley 
writes.  "Why  pay  tax  on  something  you  can  buy  without  tax  in  a  local  store?” 

Convenience,  for  one  thing,  but  that's  not  really  the  point _ we  don't  claim  to 

‘  i' .» at  the  details  worked  out,  but  any  change  in  tax  law  inevitably  will  produce 
•  a  losers.  Oregonians  and  New  Hampshirites  may  find  themselves 
among  the  latter. 

:  u'i>  ooes  Buzz  want  Internet  users  to  pay  sales  taxes,  he  also  wants  them 


to  pay  for  content.  A  recent  item  suggested  that  only  an  end  to  the  free-lunch 
attitude  many  ’Net  users  hold  dear  will  guarantee  a  future  for  quality  content.  The 
theory  was  not  universally  well-received. 

“I  just  finished  reading  your  column,  and  I  have  a  minor  issue  to  bring  up  regard¬ 
ing  your  position  on  paying  for  online  content,"  Greg  Gehle  writes.  “I  think  the  key 
to  quality  content  is  competition.  With  competition  we  should  theoretically  get 
better  content,  and  users  will  pay  for  quality.  But  if  the  content  we  pay  for  is  only 
marginally  better  than  the  free  content,  there  will  be  no  incentive  to  continue  to 
pay  for  it.” 

Another  reader  continues  to  maintain  his  faith  in  the  willingness  of  others  to 
pay  the  freight. 

“I  pay  an  ISP  for  access  to  the  Web,"  Shaun  Carignan  writes.  "Advertisers  will 
continue  to  pay  for  access  to  me." 

If  only  that  were  true. 

One-upping  the  columnist  is  a  popular  pastime  for  readers.  For  example,  there 
was  this  reply  to  an  item  about  a  Web  site  —  www.backyardartillery.com  — 
which  sells  a  nifty  "machine  gun" . . .  that  shoots  rubber  bands. 

"To  paraphrase  Crocodile  Dundee:  That’s  not  a  gun,”  Wayland  Kwock  writes. 
"THIS  is  a  gun  . . .  www.spudtech.com." 

Who  would  have  thought  the  common  potato  could  be  so  versatile? 

And  finally,  we  have  this  former  resident  of  Providence,  R.I.,  who  was  amused  to 
read  about  the  mayor  of  that  city  and  his  attempts  —  real  and  alleged  —  to  fire 
back  at  his  political  foes  using  the  Internet: 

“Having  grown  up  in  Providence,  I  read  with  interest  your  story  about  the 
mayor,  Buddy  Cianci.  Looking  into  the  Web  site  in  question,  I  laughed  until  I 
cried,"  Ken  Roundtree  writes.  "As  far  as  the  verdict  from  his  impending  [corrup¬ 
tion]  trial,  remember  O.J.?  I  believe  Buddy's  local  celebrity  will  help  him  slip 
through  the  fingers  of  the  prosecutors,  and  he’ll  just  continue  to  peddle  his 
'Mayor’s  Own'  marmara  sauce  on  TV." 

You  know  you  want  to  write.  The  address  is  buzz@nww.com. 
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SQUEEZE  UP  TO  40%  OUT 
OF  YOUR  I.T.  COSTS. 


Over  the  past  decade,  the  Total  Cost  of 
Ownership  (commonly  referred  to  as  TCO) 
for  server  infrastructures  has  been  moving 
in  one  direction:  up.  And  without  the 
right  solutions,  this  trend  shows 
no  sign  of  reversing  itself. 

Now  comes  the  good  news. 

When  compared  to  server 
consolidation  solutions  from 
Sun  and  Compaq,  IBM  can 
reduce  your  TCO  by  nearly 
40%  over  five  years!  How? 
By  enabling  servers  to 
utilize  a  higher  level  of 
capacity,  manage  work¬ 
loads  more  effectively,  and 
provide  the  reliability  needed 
to  keep  them  up  and  running. 

One  thing  that  helps  to 
make  all  of  this  possible  is  a 
powerful,  ongoing  IBM  (©server 
initiative— which  enables  us  to 
continually  develop  new,  innovative, 
self-managing  features  that  can  make  I.T. 
infrastructures  more  advanced  yet  less  complex. 


The  IBM  @ server  pSeries  690.  For  example,  with 
the  p690,  our  most  advanced  UNIX®  server, 
you  can  consolidate  multiple  workload 
environments  on  a  single  server  system. 

So  instead  of  needing  more  servers, 
you’ll  have  a  server  that  does  more. 

In  fact,  you  can  support  up  to  16 
partitions  at  once  with  hundreds 
of  configuration  options. 

And  with  the  ability  to  run 
UNIX  in  some  partitions 
and  Linux®  in  others,  you 
can  run  a  broad  range  of 
applications. 

Complimentary  CD:  Insights 
on  Infrastructure.  Want  to 
know7  more?  This  CD,  created 
by  Gartner  Inc.,  covers  the  full 
spectrum  of  e-business  topics— 
from  server  consolidation  to 
security  to  TCO -grounded  in 
real-world  examples  of  customers 
who  realized  significant  cost  savings 
and  strong  ROI.  For  your  complimentary 
CD,  call  us  or  visit  ibm.com/eserver/scon3 


FOR  YOUR  COMPLIMENTARY  CD,  LOG  ON  OR  CALL  IBM. 


(go  ibm.com/eserver/scon3  Q  800  426  7777,  priority  code  102AF012 


•This  comparison  is  Dased  on  "Value  Proposition  for  E-Infrastructures:  Cost/Benefit  Case  for  IBM  eserver,"  International  Technology  Group.  2002.  IBM,  the  e-business  logo  and  pSeries  are  trademarks  or  registered  trademarks  of  International  Business  Machines 
Corporation  m  the  United  States,  other  countries,  or  both.  UNIX  is  a  registered  trademark  of  The  Open  Group.  Linux  is  a  registered  trademark  of  Linus  Torvalds.  ©  2002  IBM  Corporation.  All  rights  reserved 


ABIHAN  is  a  registered  trademark  ol  ApTRAN,  Inc.  NetVanta  is  a  trademark  of  ADTRAN,  Inc.  EN29E04I502NW 
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NetVanta  "2000 
Series:  VPN/internet 
Security  Solutions 


Secure  communication 
over  Internet  and  IP 
networks 


Standards-based 
VPN  gateways  with 
integrated  firewall 


Stateful  inspection 
firewall  protects  against 
cyber  attacks 


Internal  router 
supports  multiple  users 


Network  Address 
Translation  (NAT)  conceals 
private  IP  addresses 


Data  Encryption 
Standard  (DES)  or3DES 
secures  data 


VPNC 

CERTIFIED 


Internet  Key  Exchange 
(IKE)  authenticates  users 


Web-based  configuration 
and  management 

Reliable  pre-  and 
post-sales  support 

Reassuring  five-year  warranty 


Host  Site  Office 

NetVanta  2300 


Small  OfficeyHome  Office 

NetVanta  21  Cn 
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Secure  VPN  solutions  from 
the  leader  in  WAN  connectivity. 


The  NetVanta™  2000  Series  from  ADTRAN' 

In  choosing  your  VPN  access  solution,  consider  the 
NetVanta  2000  series  from  ADTRAN.  You’ll  get  secure, 
low-cost  connectivity  across  the  Internet,  with  the 
protection  of  a  stateful  inspection  firewall  and  the 
convenience  of  an  internal  router.  All  from  the  company 
that  sells  more  enterprise  connectivity  solutions  across 
more  service  technologies  than  any  other  vendor. 

The  NetVanta  2000  series  delivers  the  exact  VPN 
functionality  you  need  to  connect  remote  offices, 
telecommuters,  and  mobile  users  to  corporate  information 
resources,  securely  and  cost-effectively.  Backed 
by  a  full  five-year  warranty  and  unsurpassed 
technical  support  from  the  leader  in  connectivity, 
the  NetVanta  2000  series  is  one  of  the  most 
risk-free  decisions  you  can  make  for  VPN. 


ADTRAN.  Ask  for  n  by  name. 


For  a  free  VPN  technology  primer,  visit 
www.  a  dtra  n .  com/n  w04 1 502 


877.894.4614  Technical  Questions 
877.280.8416  Where  to  Buy 


Experts  choose  ADTRANT 


Adirati 


